This repository contains advanced threat hunting scripts for Cisco Secure Endpoint API. The scripts leverage the AMP API to hunt for threats, analyze endpoint behavior, and detect potential compromises across the environment using API version 0 and 1.
☆14 · Jun 28, 2025 · Updated 8 months ago
Alternatives and similar repositories for amphunt
Users that are interested in amphunt are comparing it to the libraries listed below.
- Nagios HTTP/HTTPS check via wget (with/without Proxy) ☆10 · Nov 5, 2017 · Updated 8 years ago
- ☆32 · Jul 1, 2025 · Updated 8 months ago
- A repository for useful scripts and files for Cisco Security products. ☆25 · Dec 8, 2022 · Updated 3 years ago
- Reworked assets for Azure Sentinel using Cisco Umbrella logs as source. Includes logstash config for Cisco Umbrella using Cisco managed A… ☆13 · Apr 14, 2020 · Updated 5 years ago
- ☆20 · Apr 15, 2025 · Updated 11 months ago
- GeoIP plotting script written in Python to help security teams draw visualized reports from IP addresses ☆20 · May 29, 2022 · Updated 3 years ago
- Open source offering for the Logscape log management tool. ☆28 · Aug 2, 2021 · Updated 4 years ago
- A Python package to interact with both on-premises and Office 365 Exchange Web Services ☆34 · May 23, 2023 · Updated 2 years ago
- A PowerShell script that checks for dangerous ACLs on system hives and shadows ☆28 · Jul 21, 2021 · Updated 4 years ago
- Yet another introduction to Cisco APIs ☆12 · Jul 4, 2016 · Updated 9 years ago
- Reads and prints information from the website MalAPI.io ☆20 · Jul 14, 2022 · Updated 3 years ago
- Scrapes the Windows Evaluation ISO addresses into a JSON data file ☆30 · Jan 28, 2026 · Updated last month
- ☆10 · Dec 28, 2015 · Updated 10 years ago
- JSON-based DSLs are not for humans.. ☆10 · Sep 4, 2014 · Updated 11 years ago
- ☆15 · Nov 29, 2017 · Updated 8 years ago
- Cookiecutter template for new Ansible projects ☆12 · Jul 14, 2017 · Updated 8 years ago
- Yara rules I've written ☆10 · Dec 9, 2015 · Updated 10 years ago
- ☆37 · Aug 23, 2022 · Updated 3 years ago
- Yara rules ☆10 · Dec 10, 2019 · Updated 6 years ago
- Command Line Interface/Framework for Black Hat CTF Competitors ☆10 · Dec 8, 2022 · Updated 3 years ago
- snake-core - the real snake ☆15 · Jul 11, 2023 · Updated 2 years ago
- Cisco ASA plugin for certbot ☆23 · Mar 15, 2018 · Updated 8 years ago
- A simple script that automates basic pentester reconnaissance starting from nmap scans. ☆10 · Dec 10, 2016 · Updated 9 years ago
- A curated list of Tezos Ecosystem dApps, tools, and communities. ☆13 · Mar 11, 2025 · Updated last year
- OpenDNS Graph Miner ☆45 · Apr 28, 2017 · Updated 8 years ago
- A scalable framework for binary analysis in a containered environment. ☆13 · May 20, 2019 · Updated 6 years ago
- Finds dynamic DNS (like no-ip.org) domains from a given list of domains ☆14 · Sep 17, 2015 · Updated 10 years ago
- Threat Network Detection in Online Social Networks ☆10 · Jan 20, 2017 · Updated 9 years ago
- Simple decrypter for strings used in SamSam Ransomware samples. ☆18 · Feb 21, 2020 · Updated 6 years ago
- Exploit kit analyzer ☆22 · Mar 3, 2015 · Updated 11 years ago
- Vulnerable Node.js Web Application to practice with your pentesting skills ☆21 · Apr 29, 2017 · Updated 8 years ago
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu… ☆11 · May 22, 2023 · Updated 2 years ago
- Realizes to write macros in any scripts into any languages. ☆23 · Mar 20, 2017 · Updated 9 years ago
- Sample SecOps scripts and Utilities ☆12 · Jun 19, 2024 · Updated last year
- In-depth analysis of files (doc, pdf, exe, ...), including embedded file(s), with clamscan and yara rules ☆51 · Sep 6, 2023 · Updated 2 years ago
- Protecting Red Team infrastructure with cyber shield blocking AWS/AZURE/IBM/Digital Ocean/TOR/AV IP/ETC. ranges ☆45 · Jul 31, 2022 · Updated 3 years ago
- Cisco DNA Center PnP-BulkConfig app allows uploading of "predefined" rules to onboard network devices. ☆32 · May 29, 2020 · Updated 5 years ago
- ☆10 · Jul 29, 2016 · Updated 9 years ago
- ☆11 · Sep 13, 2025 · Updated 6 months ago