This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools, which can be found at Kraven Security - Python Threat Hunting Tools. Feel free to use, expand, and adapt these tools as you learn how to create your own tools to hunt for threats!
☆18Nov 16, 2023Updated 2 years ago
Alternatives and similar repositories for python-threat-hunting-tools
Users that are interested in python-threat-hunting-tools are comparing it to the libraries listed below.
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- This project provides a set of Google Apps Scripts designed to help you identify and analyze potentially malicious domains directly from …☆14Sep 4, 2024Updated last year
- AIL project training materials☆39Feb 24, 2026Updated last month
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated 11 months ago
- Automated, aggressive reconnaissance engine for Bug Bounty Hunting and Red Teaming. Features hardware auto-scaling, smart recursion, and …☆17Dec 18, 2025Updated 3 months ago
- Python script for carving Bitlocker VMK keys☆26Feb 4, 2026Updated 2 months ago
- Splunk Stuffs!☆13Oct 14, 2023Updated 2 years ago
- ☆19Jan 31, 2025Updated last year
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆265Sep 23, 2025Updated 6 months ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆36Jan 8, 2026Updated 3 months ago
- ThreatTrack | Shodan + ExploitDB + GitHub + NVD☆17Jul 16, 2024Updated last year
- Dark web related material☆25May 19, 2025Updated 10 months ago
- service to convert nfcapd files clickhouse as they are created☆10Mar 22, 2025Updated last year
- NextThingCo C.H.I.P. linux repository retrieved for use with meta-chip Yocto meta layer☆10Nov 8, 2018Updated 7 years ago
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 5 months ago
- Threat Detection Rules (Snort/Sigma/Yara)☆14Jan 23, 2024Updated 2 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆57Mar 2, 2026Updated last month
- Replacement aluminum CNC backplate for the MNT Pocket Reform☆12Jan 4, 2025Updated last year
- My simple configuration of a TIC(Telegraf, InfluxDB and Chronograf), Speedtest and Grafana, to follow my network speed and quality☆10Mar 10, 2021Updated 5 years ago
- ☆14Sep 28, 2023Updated 2 years ago
- Share Information about Microsoft Security Products☆61Updated this week
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆41Apr 1, 2026Updated last week
- Tools and scripts to deploy and manage OpenRelik instances☆16Mar 23, 2026Updated 3 weeks ago
- MISP to Microsoft Defender integration☆17Feb 24, 2026Updated last month
- A bot that uses various APIs to scan links directly inside any discord server automatically☆14Mar 26, 2026Updated 2 weeks ago
- command line tool to use the DNSDB Flexible Search API extensions.☆16Aug 5, 2024Updated last year
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆26Mar 20, 2025Updated last year
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- Finding ClickFix and FakeCAPTCHA like it's 1999☆135Mar 14, 2026Updated last month
- Information Stealers Wall of Sheep (IS-WOS)☆11Nov 13, 2020Updated 5 years ago
- Cradlepoint ECM Command Line Interface☆11Mar 7, 2023Updated 3 years ago
- Comprehensive pfSense deployment, monitoring, and security knowledge base: From basic configuration to advanced SIEM infrastructure, IDS/…☆23Mar 29, 2026Updated 2 weeks ago
- A javascript library to convert Outlook *.msg files to *.eml☆11Jun 27, 2024Updated last year
- Python wrapper for Aruba Orchestrator and Edge Connect API☆17Dec 17, 2025Updated 3 months ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆35Apr 7, 2026Updated last week
- ☆74Apr 4, 2026Updated last week
- Official urlscan.io and urlscan Pro CLI tool☆34Apr 1, 2026Updated 2 weeks ago
- Simulating Adversary Operations☆98Apr 13, 2018Updated 8 years ago
- Monitor traffic for unencrypted data and display a dashboard.☆15Aug 31, 2017Updated 8 years ago