kraven-security/python-threat-hunting-tools external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

kraven-security/python-threat-hunting-tools

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/kraven-security/python-threat-hunting-tools)

Close

kraven-security / python-threat-hunting-toolsView on GitHubMore

• External links
• Readme badge

This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools which can be found at Kraven Security - Python Threat Hunting Tools. Feel free to use, expand, and adapt these tools as you learn how to create your own tools to hunt for threats!

☆18Nov 16, 2023Updated 2 years ago

Alternatives and similar repositories for python-threat-hunting-tools

Users that are interested in python-threat-hunting-tools are comparing it to the libraries listed below

• kraven-security / hunting-packages

  View on GitHub
  A project designed to make the operationalization of open-source cyber threat intelligence more efficient.
  ☆17Updated this week
• joeavanzato / ThreatSim

  View on GitHub
  Threat Simulator for Enterprise Networks
  ☆14May 14, 2022Updated 3 years ago
• cmu-sei / pdfrankenstein

  View on GitHub
  Python tool for bulk PDF feature extraction. This tool is a prototype.
  ☆25Jan 9, 2017Updated 9 years ago
• yathuvaran / AT-AT

  View on GitHub
  AT-AT (Attack Tree Analysis Tool) is a application that allows users to develop and analyze attack trees. The overall goal is to automati…
  ☆29Aug 17, 2022Updated 3 years ago
• MISP / PyMISPWarningLists

  View on GitHub
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Jan 8, 2026Updated last month
• enisaeu / Reference-Security-Incident-Taxonomy-Task-Force

  View on GitHub
  This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
  ☆74Apr 4, 2025Updated 11 months ago
• michael-fischer / SaintconPython

  View on GitHub
  One Day of Python for SaintCon 2022
  ☆11Jan 3, 2023Updated 3 years ago
• ail-project / ail-training

  View on GitHub
  AIL project training materials
  ☆39Feb 24, 2026Updated last week
• SkillAegis / SkillAegis

  View on GitHub
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆35Oct 21, 2025Updated 4 months ago
• mayfield / ecmcli

  View on GitHub
  Cradlepoint ECM Command Line Interface
  ☆11Mar 7, 2023Updated 2 years ago
• sroberts / jager

  View on GitHub
  Hunting IOCs all day every day...
  ☆88Sep 26, 2023Updated 2 years ago
• quarkslab / diffing_obfuscation_dataset

  View on GitHub
  The dataset was used as a support to attack obfuscations. It is the largest obfuscated dataset, with realistic and various binaries and f…
  ☆19Jan 15, 2026Updated last month
• pudo / datawi.re

  View on GitHub
  Data notification service: subscribe to keywords and get notified whenever an open data sources mentions that keyword.
  ☆24Aug 25, 2013Updated 12 years ago
• getlantern / lantern-roadmap

  View on GitHub
  Roadmap for Lantern development
  ☆12Mar 2, 2018Updated 8 years ago
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 2 years ago
• liranmatcu / Docker_Security_Labs

  View on GitHub
  The Eureka Lab Series is designed for learners at all levels of experience and interest in security concepts and technologies.
  ☆10Nov 30, 2025Updated 3 months ago
• poorting / nfdump2clickhouse

  View on GitHub
  service to convert nfcapd files clickhouse as they are created
  ☆10Mar 22, 2025Updated 11 months ago
• JouniMi / Threathunt.blog

  View on GitHub
  Queries from the blog posts.
  ☆15Oct 6, 2024Updated last year
• MichelleEmbleton / appSecRadar

  View on GitHub
  A colour-coded radar chart to keep track of technologies in use, whether they are being evaluated, adopted or phased out.
  ☆14Jan 6, 2021Updated 5 years ago
• corelight / zeek-community-id

  View on GitHub
  Zeek support for Community ID flow hashing.
  ☆36Jul 11, 2023Updated 2 years ago
• cudeso / misp2defender

  View on GitHub
  MISP to Microsoft Defender integration
  ☆17Feb 24, 2026Updated last week
• PaloAltoNetworks / Splunk-App-Data-Generator

  View on GitHub
  Sample data generator for the Splunk for Palo Alto Networks app.
  ☆12Sep 25, 2016Updated 9 years ago
• zeroq / kraut_salad

  View on GitHub
  Proof of concept implementation of a cyber threat intelligence and incident handling platform
  ☆11Feb 10, 2023Updated 3 years ago
• brainkim / archieml-python

  View on GitHub
  Python parser for the Archie Markup Language (ArchieML)
  ☆12Nov 7, 2021Updated 4 years ago
• honeydbio / honeydb-python

  View on GitHub
  HoneyDB Python Module
  ☆14Feb 6, 2024Updated 2 years ago
• gbraad-tailscale / tailscale-systemd

  View on GitHub
  Tailscale System(d) (bootable) container for use with Podman Machine, Podman Desktop, MicroShift and OpenShift Local installations
  ☆12Dec 30, 2024Updated last year
• opendata / CKAN-Multisite-Plans

  View on GitHub
  Simplifying the process of launching an open data repository. [RETIRED]
  ☆20Jan 7, 2015Updated 11 years ago
• gabrielcurrie / nist-cybersecurity-library

  View on GitHub
  Technical cyber security resources across the NIST cyber security framework lifecycle
  ☆11Apr 28, 2021Updated 4 years ago
• ThatSINEWAVE / LinkWarden-Bot

  View on GitHub
  A bot that uses various APIs to scan links directly inside any discord server automatically
  ☆14Jun 10, 2025Updated 8 months ago
• 18F / contracting-cookbook

  View on GitHub
  Digital Contracting Cookbook
  ☆10Mar 9, 2016Updated 9 years ago
• theleetsec / LeetSec-Tools

  View on GitHub
  Automated, aggressive reconnaissance engine for Bug Bounty Hunting and Red Teaming. Features hardware auto-scaling, smart recursion, and …
  ☆17Dec 18, 2025Updated 2 months ago
• mamoedo / social-alerts

  View on GitHub
  Get notified instantly when your users of interest speak about something.
  ☆10Mar 24, 2020Updated 5 years ago
• maciejporebski / azure-ad-first-party-apps-permissions

  View on GitHub
  ☆16Updated this week
• randomaccess3 / regripper_gui

  View on GitHub
  GUI for regripper
  ☆11Mar 19, 2019Updated 6 years ago
• PaulSec / SSLBlackList

  View on GitHub
  (Unofficial) Python API for https://sslbl.abuse.ch/
  ☆11Dec 9, 2016Updated 9 years ago
• Mrjohns42 / WeatherDash

  View on GitHub
  Smart weather dashboard. Integrates with OpenWeatherMaps and Ecobee. Designed to run on RaspberryPi.
  ☆15Aug 19, 2023Updated 2 years ago
• mdmonsurali / Large-Language-Model-LLM-

  View on GitHub
  Welcome to the LLM Tutorials and RAG Implementations repository! This repository provides tutorials, guides, and implementations for work…
  ☆12Jul 1, 2025Updated 8 months ago
• fabriciojoc / malware-machinelearning

  View on GitHub
  Malware - Machine Learning
  ☆11Mar 24, 2018Updated 7 years ago
• pdas-codespace / AzureOpenAI-Enterprise-Governance

  View on GitHub
  The goal of this repository is to accelerate Azure OpenAI service adoption and put an enterprise governance structure around it using Azu…
  ☆12Sep 13, 2023Updated 2 years ago