Alternatives and similar repositories for threat-team

Users that are interested in threat-team are comparing it to the libraries listed below

• korniko98 / pivot-atlas
  ☆99Updated 2 weeks ago
• markkcc / crxaminer
  Examine Chrome extensions for security issues
  ☆86Updated 3 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆140Updated last year
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated last year
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆79Updated 5 months ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆91Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆86Updated last week
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆60Updated 3 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆65Updated 3 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆75Updated 3 months ago
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆49Updated 3 weeks ago
• 0xAIDR / AIDR-Bastion
  A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc…
  ☆94Updated last month
• JPCERTCC / MemoryForensic-on-Cloud
  Memory Forensic System on Cloud
  ☆92Updated last year
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆125Updated last year
• ThreatMon / ThreatMon-Daily-C2-Feeds
  IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.
  ☆68Updated last year
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆60Updated last year
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆52Updated last year
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆71Updated last year
• Yamato-Security / suzaku
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆155Updated 3 weeks ago
• yaaras / honeybee
  Create honeypots for cloud environments
  ☆103Updated last month
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆25Updated 10 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆73Updated 5 months ago
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆111Updated last week
• muchdogesec / obstracts
  Turn any blog into structured threat intelligence.
  ☆40Updated this week
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• mitre / training
  A CALDERA plugin
  ☆26Updated this week
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆37Updated 9 months ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆105Updated 4 months ago
• fkie-cad / bountyhunter
  A Caldera plugin for the emulation of complete, realistic cyberattack chains.
  ☆58Updated 2 months ago