Alternatives and similar repositories for SA-Threat-Hunting

Users that are interested in SA-Threat-Hunting are comparing it to the libraries listed below

• rcobb76101 / bulk_volatility_scanner

  View on GitHub
  Python script to run battery of Volatility plugins against a forensic memory image
  ☆10Jun 22, 2019Updated 6 years ago
• DerekKing / splunk_dns_analytics

  View on GitHub
  Splunk Searches and Dashboards for DNS Threat Hunting
  ☆10Mar 5, 2018Updated 7 years ago
• vector-sec / TA_ETW

  View on GitHub
  Splunk Technology Add-On (TA) for collecting ETW events from Windows systems
  ☆17Dec 8, 2022Updated 3 years ago
• kyechou / firmanal

  View on GitHub
  An automated firmware analysis tool based on Firmadyne (https://github.com/firmadyne/firmadyne)
  ☆24Jul 8, 2017Updated 8 years ago
• olafhartong / WDACme

  View on GitHub
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆30Jun 18, 2025Updated 7 months ago
• inodee / threathunting-spl

  View on GitHub
  Splunk code (SPL) for serious threat hunters and detection engineers.
  ☆289Jan 15, 2024Updated 2 years ago
• x29a / nec_terrain_root

  View on GitHub
  attempt to perma root the NEC Terrain android phone
  ☆10Jul 24, 2015Updated 10 years ago
• Vlek / RuinsAndRiches

  View on GitHub
  Ruins & Riches Ultima Online Server Files
  ☆10Oct 15, 2023Updated 2 years ago
• Maliek / Cylance-API-PS

  View on GitHub
  Powershell scripts using CyCLI.
  ☆10May 22, 2019Updated 6 years ago
• sketchymoose / TotalRecall

  View on GitHub
  Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…
  ☆49May 31, 2017Updated 8 years ago
• olafhartong / TA-Sysmon-deploy

  View on GitHub
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆32Jul 30, 2020Updated 5 years ago
• CRYPT-ON-IT / policies_hardening_interface

  View on GitHub
  Windows and macOS Hardening Interface to make security more accessible.
  ☆37Jan 24, 2022Updated 4 years ago
• MHaggis / app_splunk_sysmon_hunter

  View on GitHub
  Splunk App to assist Sysmon Threat Hunting
  ☆38Mar 7, 2017Updated 8 years ago
• Jrotenberger / CBIRAutomation

  View on GitHub
  CB API scripts for IR, administration, etc.
  ☆32Jun 3, 2019Updated 6 years ago
• microsoft / o365tosplunkdataimportapp

  View on GitHub
  The Office 365 data Splunk app enables data analysts and IT administrators to import the data they need to get their organization more pr…
  ☆16Jun 14, 2023Updated 2 years ago
• fhoedemakers / smsplus64

  View on GitHub
  A Sega Master System and Game Gear Emulator for the Nintendo 64
  ☆12Dec 5, 2025Updated 2 months ago
• christiancscott / awesome-LLM-security

  View on GitHub
  A compendium of threat modeling and security testing resources for LLMs and GenAI agents
  ☆19Oct 16, 2024Updated last year
• LiviusNL / vault-plugin-secrets-ccp

  View on GitHub
  CyberArk Credentials Provider (CCP) Plugin for HashiCorp Vault
  ☆17Jan 12, 2024Updated 2 years ago
• CamFlyerCH / FileShareUtils

  View on GitHub
  Powershell module to help with all file server tasks without using WMI
  ☆12Feb 15, 2024Updated 2 years ago
• jan-tee / cycli-examples

  View on GitHub
  Examples for the CyCLI Powershell module
  ☆12Mar 8, 2019Updated 6 years ago
• farshadghodsian / Ansible-Windows-Playbooks

  View on GitHub
  Examples of various Ansible Playbooks for Microsoft Windows Server 2016
  ☆10Mar 3, 2019Updated 6 years ago
• madlabber / NewWindowsVM-Ansible

  View on GitHub
  Create a new Windows VM on a standalone ESX host
  ☆12Jan 1, 2021Updated 5 years ago
• sisoc-tokyo / mimikatz_detection

  View on GitHub
  ☆12Mar 24, 2018Updated 7 years ago
• strick-j / autopsmp

  View on GitHub
  Automated CyberArk Privileged Session Manager SSH Proxy Installer.
  ☆13Apr 14, 2023Updated 2 years ago
• Crznic / Crznic

  View on GitHub
  A "custom" layer 4 protocol for raw socket communication on linux. Golang library.
  ☆10Dec 20, 2018Updated 7 years ago
• yt-dlp / homebrew-taps

  View on GitHub
  ☆11Nov 8, 2023Updated 2 years ago
• Whee30 / Case-Management-script

  View on GitHub
  A simple python script to generate nested folders based on user input. The script will also name and place a template report document and…
  ☆11Jun 19, 2025Updated 7 months ago
• 0xtibs / Threat_Intel

  View on GitHub
  Automating simple report creating of threat intelligence using ChatGPT and Greynoise API.
  ☆10Oct 3, 2023Updated 2 years ago
• robertchrk / evilmaid

  View on GitHub
  Evil maid attacks are the biggest threat to full disk encryption, if you can't provide 100% physical security. It's not about locking you…
  ☆11Sep 4, 2016Updated 9 years ago
• AlicanAkyol / eagle

  View on GitHub
  Bypass Antivm and Cuckoo Sandbox Techniques
  ☆12Oct 12, 2016Updated 9 years ago
• forensenellanebbia / volatility-profiles

  View on GitHub
  My Linux profiles built for Volatility 2/3
  ☆10Oct 11, 2025Updated 4 months ago
• silascutler / MiscMalware

  View on GitHub
  Misc malware stuff
  ☆11Sep 30, 2020Updated 5 years ago
• RITRedteam / Trickshot

  View on GitHub
  MYSQL plugin that allows RCE through a query
  ☆10Mar 21, 2019Updated 6 years ago
• danaugrs / royal-ur

  View on GitHub
  Ancient two-player strategy race board game
  ☆12Mar 19, 2024Updated last year
• RAB301000001C3 / PCAPEXTRACT

  View on GitHub
  Packet Analysis on Steroids
  ☆12Oct 20, 2022Updated 3 years ago
• BrandonsProjects / WEFC

  View on GitHub
  Windows Event Forwarding/Collection - A simple way to get quick, comprehensive logging for a Windows environment.
  ☆16Jun 5, 2022Updated 3 years ago
• rtoma / google-ctf2017

  View on GitHub
  Writeups for Google CTF challenges 2017
  ☆10Jun 19, 2017Updated 8 years ago
• kukfa / mmoserver

  View on GitHub
  MMORPG server emulator
  ☆12Aug 26, 2018Updated 7 years ago
• fygrave / iocmap

  View on GitHub
  Indicator of Compromise Mapping Service
  ☆12Apr 15, 2014Updated 11 years ago