Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detections of the world's greatest hacker Mark Baggett whose zero day still works a decade later, and eventually evolving the Threat Hunting Legend Florian Roth's Sigma scanning aimed towards the top of the pyramid of p…
☆18Sep 7, 2023Updated 2 years ago
Alternatives and similar repositories for Threat-Hunter
Users that are interested in Threat-Hunter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- ☆17Mar 8, 2024Updated 2 years ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆54Apr 22, 2025Updated 11 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- A hex viewer for the sleuths!☆20Nov 7, 2025Updated 4 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Disables FBE, proca, Vaultkeeper and auto-reflash of stock recovery on Samsung Pie devices, TESTED on S10, N10, A10 - A50 and Tab A 10.1 …☆12Dec 31, 2021Updated 4 years ago
- ☆14Sep 22, 2023Updated 2 years ago
- Papers and Presentations from the DFRWS Conferences☆20Jul 12, 2022Updated 3 years ago
- Splunk TA for alert action to TheHive-project☆11May 13, 2020Updated 5 years ago
- ☆34Jun 13, 2023Updated 2 years ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆65Feb 22, 2026Updated last month
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆90Sep 16, 2023Updated 2 years ago
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 6 months ago
- ☆43Oct 11, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- geolocate ip addresses in IIS logs☆20Jan 8, 2025Updated last year
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Apr 10, 2020Updated 5 years ago
- A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis☆23Feb 2, 2025Updated last year
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- Simple zero-config SSL reverse proxy for Tailscale users (LetsEncrypt certs)☆14Mar 8, 2022Updated 4 years ago
- Notes on managing and coordinating the response to major cyber incidents☆41May 30, 2020Updated 5 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- 🃏Memory Game🃏is a course assignment of CS193p (2020 Spring) at Stanford University. The game is simply a card matching game, where the …☆18Aug 27, 2023Updated 2 years ago
- Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!☆13Jun 5, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Parses USB connection artifacts from offline Registry hives☆107Feb 8, 2026Updated last month
- A repo that contains links to projects by members of the Digital Forensics Discord Server! This is meant to help promote projects made by…☆16Oct 5, 2023Updated 2 years ago
- In this article i've listed a collection of cheatsheets for digital forensics. It covering forensics topics for smartphone , memory , net…☆13Mar 8, 2020Updated 6 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆45Mar 13, 2026Updated 2 weeks ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 3 months ago
- Generate 1337speak based password dictionaries☆12Jul 27, 2018Updated 7 years ago
- ☆11Oct 27, 2024Updated last year
- A tool to modify timestamps in a packet capture to a user selected date☆31Aug 11, 2021Updated 4 years ago
- ☆19Feb 26, 2026Updated last month
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Three datasets to practice Threat Hunting against.☆46Jan 3, 2024Updated 2 years ago
- Python script to walk a folder or a zip file for SQLite Databases☆37Sep 20, 2023Updated 2 years ago
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 8 months ago
- ☆20May 10, 2023Updated 2 years ago
- A tool to abuse Exchange services☆12Mar 18, 2024Updated 2 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- God Mode Detection Rules☆132Aug 8, 2024Updated last year