Alternatives and similar repositories for TIBER-Cases

Users that are interested in TIBER-Cases are comparing it to the libraries listed below

• fastlorenzo / redelk-kibana-app

  View on GitHub
  Kibana app for RedELK
  ☆18Mar 19, 2023Updated 2 years ago
• ricardojba / Even-More-Awesome-Mainframe-Hacking

  View on GitHub
  ☆13Oct 29, 2024Updated last year
• inzlain / sameuser

  View on GitHub
  Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual
  ☆14Jul 13, 2022Updated 3 years ago
• gavz / s4killer

  View on GitHub
  ☆20Feb 6, 2024Updated 2 years ago
• BreakingMhet / honeyzure

  View on GitHub
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆17Jun 11, 2024Updated last year
• VIGINUM-FR / Rapports-Techniques

  View on GitHub
  Rapports techniques de VIGINUM
  ☆36Sep 15, 2025Updated 5 months ago
• CanTopay / thehive-playbook-creator

  View on GitHub
  A script to create and assign SOP tasks into the cases
  ☆20Aug 16, 2020Updated 5 years ago
• kcyerrid / CTI

  View on GitHub
  Cyber Threat Intelligence
  ☆74Dec 7, 2025Updated 2 months ago
• cedowens / Mod_Rewrite_Automation

  View on GitHub
  Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
  ☆47Feb 17, 2021Updated 4 years ago
• cloudc2 / kubered

  View on GitHub
  ☆21Dec 8, 2022Updated 3 years ago
• SecurityRiskAdvisors / ATTiRe

  View on GitHub
  Attack Tool Timing and Reporting - Structured Attack Logging Format
  ☆22Nov 4, 2022Updated 3 years ago
• ConstantinT / Lantern

  View on GitHub
  ☆23Nov 13, 2021Updated 4 years ago
• center-for-threat-informed-defense / defending-iaas-with-attack

  View on GitHub
  Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…
  ☆14May 28, 2025Updated 8 months ago
• 22XploiterCrew-Team / Hash-Cracking

  View on GitHub
  CRACK AND CHECK HASH TYPES IN BULK
  ☆13Jul 28, 2021Updated 4 years ago
• lordsaibat / finding_windows_privileges

  View on GitHub
  Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…
  ☆10Mar 2, 2018Updated 7 years ago
• robmikh / CaptureGifEncoder

  View on GitHub
  A simple screen gif encoder using Windows.Graphics.Capture and WIC.
  ☆26Dec 27, 2022Updated 3 years ago
• mobdk / VBA-DLL-WMI-EXECUTION

  View on GitHub
  Call your own DLL from VBA and execute code under process svchost.exe with WMI
  ☆12Mar 6, 2020Updated 5 years ago
• rabidang3ls / HTTPsC2DoneRight

  View on GitHub
  Slightly modified version of https://raw.githubusercontent.com/killswitch-GUI/CobaltStrike-ToolKit/master/HTTPsC2DoneRight.sh
  ☆12Nov 16, 2017Updated 8 years ago
• spaceraccoon / serverless-recon-example

  View on GitHub
  Example of a serverless web reconaissance workflow's AWS architecture.
  ☆11Feb 25, 2023Updated 2 years ago
• PacktPublishing / Purple-Team-Strategies

  View on GitHub
  Purple Team Strategies, Published by Packt
  ☆14Jan 30, 2023Updated 3 years ago
• secgroundzero / hashslack

  View on GitHub
  Small utility script to notify via Slack about Hashcat's progress during a password cracking session
  ☆10Mar 10, 2019Updated 6 years ago
• upils / redirect-lib

  View on GitHub
  Library of traffic redirectors
  ☆26Apr 7, 2020Updated 5 years ago
• nccgroup / UninstalledAppCanary

  View on GitHub
  A Canary which fires when uninstalled
  ☆34Mar 16, 2021Updated 4 years ago
• StrangeBeeCorp / thehive-templates

  View on GitHub
  ☆28Nov 25, 2025Updated 2 months ago
• SecurityJosh / MuteSysmon

  View on GitHub
  A PowerShell script to prevent Sysmon from writing its events
  ☆16Apr 23, 2020Updated 5 years ago
• Telefonica / MetaThief

  View on GitHub
  PoC for extracting office files into PDF file metadata
  ☆11Sep 11, 2019Updated 6 years ago
• aacgood / Cortex-Analyzers

  View on GitHub
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Jan 29, 2020Updated 6 years ago
• rvrsh3ll / Sharp-Suite

  View on GitHub
  My musings with C#
  ☆28Dec 23, 2022Updated 3 years ago
• Leoid / Python2Intruder

  View on GitHub
  Pythonize Intruder Payload
  ☆13Dec 15, 2020Updated 5 years ago
• ANSSI-FR / orc2timeline

  View on GitHub
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Jun 27, 2025Updated 7 months ago
• SkillAegis / SkillAegis

  View on GitHub
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆34Oct 21, 2025Updated 3 months ago
• webpro255 / Windows-Sysmon-Threat-Hunting-Guide

  View on GitHub
  A resource for leveraging Windows and Sysmon event codes in threat hunting and incident response.
  ☆24Sep 29, 2024Updated last year
• thirdeyeintelligence / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆14Apr 10, 2017Updated 8 years ago
• trellix-enterprise / ac3-threat-sightings

  View on GitHub
  A threat sighting collects the behavior of a real threats and the observables used during its engagement.
  ☆12Mar 29, 2022Updated 3 years ago
• COSSAS / sacti

  View on GitHub
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆14Oct 24, 2022Updated 3 years ago
• michenriksen / tmpl

  View on GitHub
  Simple tmux session management.
  ☆16Dec 16, 2023Updated 2 years ago
• Syslifters / split-bloodhound

  View on GitHub
  ☆18Sep 14, 2023Updated 2 years ago
• yukh1402 / cti-stix-diamond-activity-attack-graph

  View on GitHub
  STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling
  ☆33Dec 9, 2024Updated last year
• RiccardoAncarani / bloodhound-playbook

  View on GitHub
  Reproducible and extensible BloodHound playbooks
  ☆44Jan 20, 2020Updated 6 years ago