Alternatives and similar repositories for ThreatPursuit-VM

Users that are interested in ThreatPursuit-VM are comparing it to the libraries listed below

• mandiant / commando-vm

  View on GitHub
  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…
  ☆7,529Oct 16, 2025Updated 4 months ago
• mandiant / flare-vm

  View on GitHub
  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…
  ☆8,338Dec 23, 2025Updated last month
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• mandiant / red_team_tool_countermeasures

  View on GitHub
  ☆2,663Mar 5, 2024Updated last year
• alexandreborges / malwoverview

  View on GitHub
  Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…
  ☆3,535Jan 20, 2026Updated 3 weeks ago
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• ahmedkhlief / APT-Hunter

  View on GitHub
  APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …
  ☆1,400Nov 7, 2024Updated last year
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,900Jul 6, 2024Updated last year
• yeti-platform / yeti

  View on GitHub
  Your Everyday Threat Intelligence
  ☆1,949Updated this week
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,365Updated this week
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,077Nov 28, 2024Updated last year
• olafhartong / ThreatHunting

  View on GitHub
  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
  ☆1,173Jul 26, 2023Updated 2 years ago
• intelowlproject / IntelOwl

  View on GitHub
  IntelOwl: manage your Threat Intelligence at scale
  ☆4,451Updated this week
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• redcanaryco / atomic-red-team

  View on GitHub
  Small and highly portable detection tests based on MITRE's ATT&CK.
  ☆11,570Feb 9, 2026Updated last week
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,383Oct 14, 2023Updated 2 years ago
• mattnotmax / cyberchef-recipes

  View on GitHub
  A list of cyber-chef recipes and curated links
  ☆2,182Jun 14, 2024Updated last year
• redhuntlabs / RedHunt-OS

  View on GitHub
  Virtual Machine for Adversary Emulation and Threat Hunting
  ☆1,313Jan 22, 2025Updated last year
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,719Jan 12, 2026Updated last month
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,821Updated this week
• cyberdefenders / DetectionLabELK

  View on GitHub
  DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
  ☆573Dec 12, 2021Updated 4 years ago
• mitre / caldera

  View on GitHub
  Automated Adversary Emulation Platform
  ☆6,733Feb 9, 2026Updated last week
• activecm / rita-legacy

  View on GitHub
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,514Jan 12, 2026Updated last month
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,109Feb 10, 2026Updated last week
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆895Nov 3, 2025Updated 3 months ago
• ION28 / BLUESPAWN

  View on GitHub
  An Active Defense and EDR software to empower Blue Teams
  ☆1,315Aug 10, 2023Updated 2 years ago
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,439Updated this week
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆642Jun 19, 2024Updated last year
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆342Dec 3, 2025Updated 2 months ago
• OpenCTI-Platform / opencti

  View on GitHub
  Open Cyber Threat Intelligence Platform
  ☆8,212Updated this week
• hslatman / awesome-threat-intelligence

  View on GitHub
  A curated list of Awesome Threat Intelligence resources
  ☆9,786Jan 19, 2026Updated 3 weeks ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,968Aug 21, 2024Updated last year
• blackorbird / APT_REPORT

  View on GitHub
  Interesting APT Report Collection And Some Special IOCs
  ☆2,889Updated this week
• MISP / MISP

  View on GitHub
  MISP (core software) - Open Source Threat Intelligence and Sharing Platform
  ☆6,123Feb 10, 2026Updated last week
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,639Nov 22, 2022Updated 3 years ago
• mitre / cti

  View on GitHub
  Cyber Threat Intelligence Repository expressed in STIX 2.0
  ☆2,027Dec 19, 2025Updated last month
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆780Updated this week