pe3zx/mthc

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pe3zx/mthc)

pe3zx / mthc

All-in-one bundle of MISP, TheHive and Cortex

☆170

Alternatives and similar repositories for mthc

Users that are interested in mthc are comparing it to the libraries listed below

Sorting:

TheHive-Project / awesome
View on GitHub
A curated list of awesome things related to TheHive & Cortex
☆185Oct 9, 2021Updated 4 years ago
WithSecureLabs / lazarus-sigma-rules
View on GitHub
☆19Oct 23, 2020Updated 5 years ago
yampelo / beagle
View on GitHub
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
☆1,338Dec 13, 2022Updated 3 years ago
dfirtrack / dfirtrack
View on GitHub
DFIRTrack - The Incident Response Tracking Application
☆532Jan 13, 2026Updated last month
InQuest / ThreatIngestor
View on GitHub
Extract and aggregate threat intelligence.
☆906Jan 31, 2024Updated 2 years ago
frikky / WALKOFF
View on GitHub
A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t…
☆12Nov 23, 2022Updated 3 years ago
olafhartong / ThreatHunting
View on GitHub
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
☆1,173Jul 26, 2023Updated 2 years ago
ninoseki / mihari
View on GitHub
A query aggregator for OSINT based threat hunting
☆930Jan 23, 2026Updated last month
coolacid / docker-misp
View on GitHub
A (nearly) production ready Dockered MISP
☆230Jan 12, 2024Updated 2 years ago
OTRF / Security-Datasets
View on GitHub
Re-play Security Events
☆1,725Mar 20, 2024Updated last year
cyberdefenders / DetectionLabELK
View on GitHub
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
☆573Dec 12, 2021Updated 4 years ago
thomaspatzke / elk-detection-lab
View on GitHub
An ELK environment containing interesting security datasets.
☆136May 11, 2020Updated 5 years ago
TheresAFewConors / Sooty
View on GitHub
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
☆1,459Sep 25, 2024Updated last year
CIRCL / AIL-framework
View on GitHub
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
☆1,361Updated this week
MISP / docker-misp
View on GitHub
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
☆104Dec 29, 2023Updated 2 years ago
PwCUK-CTO / rtfsig
View on GitHub
A tool to help malware analysts signature unique parts of RTF documents
☆28Jan 5, 2026Updated last month
JPCERTCC / SysmonSearch
View on GitHub
Investigate suspicious activity by visualizing Sysmon's event log
☆431Dec 22, 2023Updated 2 years ago
sbousseaden / Slides
View on GitHub
Misc Threat Hunting Resources
☆377Jan 26, 2023Updated 3 years ago
TheHive-Project / TheHive-Resources
View on GitHub
A repository to share contributions related to TheHive Project
☆22Sep 15, 2021Updated 4 years ago
StrangerealIntel / DeltaFlare
View on GitHub
☆12Jun 29, 2021Updated 4 years ago
OTRF / ThreatHunter-Playbook
View on GitHub
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
☆4,486Jan 12, 2026Updated last month
philhagen / sof-elk
View on GitHub
Configuration files for the SOF-ELK VM
☆1,720Jan 21, 2026Updated last month
certtools / intelmq
View on GitHub
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
☆1,113Feb 14, 2026Updated 2 weeks ago
MISP / x_old_misp_docker
View on GitHub
MISP Docker (XME edition)
☆282Dec 5, 2023Updated 2 years ago
mthcht / ThreatHunting-Keywords-sigma-rules
View on GitHub
Sigma detection rules for hunting with the threathunting-keywords project
☆58Mar 2, 2025Updated last year
DFIRKuiper / Kuiper
View on GitHub
Digital Forensics Investigation Platform
☆872Oct 12, 2024Updated last year
InQuest / iocextract
View on GitHub
Defanged Indicator of Compromise (IOC) Extractor.
☆569Aug 28, 2024Updated last year
csirtgadgets / bearded-avenger
View on GitHub
CIF v3 -- the fastest way to consume threat intelligence
☆183Apr 20, 2023Updated 2 years ago
MISP / MISP-maltego
View on GitHub
Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
☆181Jun 23, 2024Updated last year
sbousseaden / EVTX-ATTACK-SAMPLES
View on GitHub
Windows Events Attack Samples
☆2,515Jan 24, 2023Updated 3 years ago
fhightower / ioc-finder
View on GitHub
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…
☆179Nov 16, 2023Updated 2 years ago
MISP / misp-training
View on GitHub
MISP trainings, threat intel and information sharing training materials with source code
☆424Dec 17, 2025Updated 2 months ago
schrodyn / steezy
View on GitHub
Steezy - Ghetto Yara Generation
☆15Mar 27, 2023Updated 2 years ago
thalesgroup-cert / Watcher
View on GitHub
Watcher - Open Source AI-powered Cyber Threat Intelligence & Hunting Platform. Developed with Django & React JS.
☆1,243Feb 18, 2026Updated 2 weeks ago
yeti-platform / yeti
View on GitHub
Your Everyday Threat Intelligence
☆1,954Feb 12, 2026Updated 3 weeks ago
rabobank-cdc / DeTTECT
View on GitHub
Detect Tactics, Techniques & Combat Threats
☆2,264Jan 21, 2026Updated last month
dfir-iris / iris-web
View on GitHub
Collaborative Incident Response platform
☆1,429Feb 16, 2026Updated 2 weeks ago
sfakiana / SANS-CTI-Summit-2021
View on GitHub
Resources for SANS CTI Summit 2021 presentation
☆104Nov 8, 2023Updated 2 years ago
cyb3rfox / Aurora-Incident-Response
View on GitHub
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
☆1,059Oct 5, 2023Updated 2 years ago