Alternatives and similar repositories for Threat-Hunter

Users that are interested in Threat-Hunter are comparing it to the libraries listed below

• remg427 / TA-thehive

  View on GitHub
  Splunk TA for alert action to TheHive-project
  ☆11May 13, 2020Updated 5 years ago
• zeflow / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Jul 1, 2021Updated 4 years ago
• Digital-Forensics-Discord-Server / GitHubLearningPlayground

  View on GitHub
  Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h…
  ☆14Jun 21, 2024Updated last year
• dwmetz / detonaRE

  View on GitHub
  Capture. Detonate. Collect
  ☆14Sep 20, 2024Updated last year
• nasbench / Eventlog_Compendium

  View on GitHub
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆52Apr 22, 2025Updated 9 months ago
• randomaccess3 / 4n6_stuff

  View on GitHub
  Git for me to put all my forensics stuff
  ☆23Sep 2, 2025Updated 5 months ago
• SecurityBagel / VulnBagel

  View on GitHub
  A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis
  ☆24Feb 2, 2025Updated last year
• darkquasar / AIMOD2

  View on GitHub
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆90Sep 16, 2023Updated 2 years ago
• dfrws / papers

  View on GitHub
  Papers and Presentations from the DFRWS Conferences
  ☆20Jul 12, 2022Updated 3 years ago
• nisargsuthar / Veritas

  View on GitHub
  A hex viewer for the sleuths!
  ☆20Nov 7, 2025Updated 3 months ago
• EricZimmerman / iisGeolocate

  View on GitHub
  geolocate ip addresses in IIS logs
  ☆20Jan 8, 2025Updated last year
• mamun-sec / decap

  View on GitHub
  ☆34Jun 13, 2023Updated 2 years ago
• nidem / forgedpillow

  View on GitHub
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Aug 11, 2021Updated 4 years ago
• stark4n6 / SQLiteWalker

  View on GitHub
  Python script to walk a folder or a zip file for SQLite Databases
  ☆37Sep 20, 2023Updated 2 years ago
• WillOram / cyber-incident-management

  View on GitHub
  Notes on managing and coordinating the response to major cyber incidents
  ☆41May 30, 2020Updated 5 years ago
• CrowdStrike / xwf-yara-scanner

  View on GitHub
  ☆92Jul 30, 2025Updated 6 months ago
• JeffMichelmore / MDEKit

  View on GitHub
  ☆42Oct 11, 2023Updated 2 years ago
• maksimkurb / home-ops

  View on GitHub
  My home server infrastructure as code
  ☆16Updated this week
• k-jarzyna / adk-modular-architecture

  View on GitHub
  ☆15Aug 5, 2025Updated 6 months ago
• kev365 / OSDFIR-Lab

  View on GitHub
  ☆22Nov 22, 2025Updated 2 months ago
• D4RK-PHOENIX / Digital-forensics-cheatsheets-collection

  View on GitHub
  In this article i've listed a collection of cheatsheets for digital forensics. It covering forensics topics for smartphone , memory , net…
  ☆13Mar 8, 2020Updated 5 years ago
• noodlemctwoodle / sentinel.blog

  View on GitHub
  The Sentinel.blog Repository provides automation tools for updating Analytics Rules, Content Hub Solutions, and Workbooks, eliminating re…
  ☆17Updated this week
• strozfriedberg / notatin

  View on GitHub
  A Windows registry file parser written in Rust
  ☆41Oct 30, 2025Updated 3 months ago
• blueteam0ps / memOptix

  View on GitHub
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97May 28, 2023Updated 2 years ago
• khyrenz / parseusbs

  View on GitHub
  Parses USB connection artifacts from offline Registry hives
  ☆107Feb 8, 2026Updated last week
• Bert-JanP / KustoHawk

  View on GitHub
  KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…
  ☆126Jan 11, 2026Updated last month
• Cosive / cti-toolkit

  View on GitHub
  CERT Australia Cyber Threat Intelligence (CTI) Toolkit
  ☆15Nov 11, 2017Updated 8 years ago
• backpine / cloudflare-example-deployments

  View on GitHub
  ☆11Oct 27, 2024Updated last year
• Whee30 / Case-Management-script

  View on GitHub
  A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…
  ☆11Jun 19, 2025Updated 7 months ago
• FullTang / AndroidPWList

  View on GitHub
  A password list optimized for use on Android devices.
  ☆11Jul 2, 2022Updated 3 years ago
• f5devcentral / f5-ja4

  View on GitHub
  ☆18May 27, 2025Updated 8 months ago
• ilyaglow / dor

  View on GitHub
  🌦️ Domain Ranker
  ☆16Sep 7, 2019Updated 6 years ago
• Kathayra / HT-Trackr

  View on GitHub
  How can you track the hunting techniques you come up with?
  ☆13Sep 3, 2017Updated 8 years ago
• autonubil / go-wazuh

  View on GitHub
  go client for the wazuh rest api
  ☆12Nov 1, 2025Updated 3 months ago
• msdirtbag / MicrosoftPurpleTeamToolkit

  View on GitHub
  ☆45Apr 10, 2024Updated last year
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• x-vespiary / writeup

  View on GitHub
  CTF writeups by ./Vespiary
  ☆16Nov 12, 2023Updated 2 years ago
• xiv3r / ttl-bypass

  View on GitHub
  Bypass anti-tethering and anti-hotspot sharing (TTL=1) using OpenWRT nftables on a Wi-Fi repeater or extender.
  ☆13Aug 24, 2025Updated 5 months ago
• tribalchicken / postfix-cuckoolyse

  View on GitHub
  A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox
  ☆11Apr 3, 2016Updated 9 years ago