Alternatives and similar repositories for threat-team

Users that are interested in threat-team are comparing it to the libraries listed below

• referefref / aiocrioc
  An LLM and OCR based Indicator of Compromise Extraction Tool
  ☆35Updated 9 months ago
• markkcc / crxaminer
  Examine Chrome extensions for security issues
  ☆85Updated last month
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆77Updated 2 years ago
• n0jam / gcp-ctf-workshop
  ☆41Updated 9 months ago
• BushidoUK / MITRE-Mappings
  A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.
  ☆26Updated 6 months ago
• DataDog / whoAMI-scanner
  Scan your account for the use of untrusted AMIs
  ☆29Updated 3 weeks ago
• elastic / SWAT
  ☆164Updated this week
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆58Updated last month
• korniko98 / pivot-atlas
  ☆96Updated last month
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated 9 months ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆90Updated last year
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• piercing-index / cloud-vulnerabilities
  ☆41Updated 6 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆138Updated last year
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆35Updated this week
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆65Updated 3 years ago
• fkie-cad / bountyhunter
  A Caldera plugin for the emulation of complete, realistic cyberattack chains.
  ☆56Updated 3 weeks ago
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆117Updated 11 months ago
• silascutler / dockerhoneypot-logs
  Collection of Docker honeypot logs from 2021 - 2024
  ☆36Updated 11 months ago
• offensive-actions / azure-storage-reverse-shell
  This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs
  ☆37Updated 11 months ago
• santosomar / kev_checker
  A basic Python program to check Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog
  ☆22Updated 2 years ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆59Updated last year
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆102Updated last year
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆78Updated 3 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆71Updated 3 months ago
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆52Updated 10 months ago
• AppOmni-Labs / event-maturity-matrix
  The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…
  ☆27Updated 2 months ago
• BenjiTrapp / aws-threat-hunting
  Short deep dive into Threat Hunting on AWS
  ☆13Updated last year
• CyberSecurityUP / Adversary-Emulation-Guide
  ☆21Updated 2 years ago
• SpecterOps / GitHound
  ☆71Updated last month