Alternatives and similar repositories for Threat-Hunting

Users that are interested in Threat-Hunting are comparing it to the libraries listed below

• chenerlich / FCL

  View on GitHub
  FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
  ☆477Apr 8, 2021Updated 4 years ago
• StrangerealIntel / CyberThreatIntel

  View on GitHub
  Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
  ☆724Dec 26, 2022Updated 3 years ago
• idiom / pftriage

  View on GitHub
  Python tool and library to help analyze files during malware triage and analysis.
  ☆78Jul 2, 2020Updated 5 years ago
• ashwin-patil / threat-hunting-with-notebooks

  View on GitHub
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆69Dec 2, 2022Updated 3 years ago
• A3sal0n / CyberThreatHunting

  View on GitHub
  A collection of resources for Threat Hunters
  ☆914Oct 15, 2024Updated last year
• paladin316 / ThreatHunting

  View on GitHub
  This repo is where I store my Threat Hunting ideas/content
  ☆88May 9, 2023Updated 2 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• blackorbird / APT_REPORT

  View on GitHub
  Interesting APT Report Collection And Some Special IOCs
  ☆2,889Updated this week
• securycore / ThreatHunting

  View on GitHub
  Powershell collection designed to assist in Threat Hunting Windows systems.
  ☆27Apr 13, 2018Updated 7 years ago
• threat-hunting / awesome_Threat-Hunting

  View on GitHub
  A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.
  ☆575Mar 24, 2023Updated 2 years ago
• RedDrip7 / APT_Digital_Weapon

  View on GitHub
  Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
  ☆959Aug 28, 2025Updated 5 months ago
• mthbernardes / fsudo

  View on GitHub
  Steal users password with a fake sudo function.
  ☆43Feb 29, 2024Updated last year
• P3t3rp4rk3r / Threat_Intelligence

  View on GitHub
  Threat-Intelligence Feeds & Tools & Frameworks
  ☆223Jun 7, 2024Updated last year
• CyberMonitor / APT_CyberCriminal_Campagin_Collections

  View on GitHub
  APT & CyberCriminal Campaign Collection
  ☆4,043Jul 25, 2024Updated last year
• ecstatic-nobel / Analyst-Arsenal

  View on GitHub
  A toolkit for Security Researchers
  ☆127Sep 2, 2019Updated 6 years ago
• BushidoUK / Exploring-APT-campaigns

  View on GitHub
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆87Jun 4, 2022Updated 3 years ago
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆623Mar 18, 2025Updated 10 months ago
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,077Nov 28, 2024Updated last year
• sbousseaden / PCAP-ATTACK

  View on GitHub
  PCAP Samples for Different Post Exploitation Techniques
  ☆368Apr 29, 2021Updated 4 years ago
• InQuest / malware-samples

  View on GitHub
  A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
  ☆930Mar 26, 2024Updated last year
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• sbousseaden / Slides

  View on GitHub
  Misc Threat Hunting Resources
  ☆377Jan 26, 2023Updated 3 years ago
• Cherishao / APT-Sample

  View on GitHub
  Pull some Malware samples here for other security researchers/malware analyst's to analyze and play with.
  ☆174May 29, 2024Updated last year
• GossiTheDog / ThreatHunting

  View on GitHub
  Tools for hunting for threats.
  ☆599Apr 30, 2025Updated 9 months ago
• pe3zx / mthc

  View on GitHub
  All-in-one bundle of MISP, TheHive and Cortex
  ☆169Sep 27, 2022Updated 3 years ago
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆532Jan 13, 2026Updated last month
• InQuest / ThreatIngestor

  View on GitHub
  Extract and aggregate threat intelligence.
  ☆902Jan 31, 2024Updated 2 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,262Jan 21, 2026Updated 3 weeks ago
• yeti-platform / yeti

  View on GitHub
  Your Everyday Threat Intelligence
  ☆1,949Updated this week
• alternat0r / training-basic-malware-analysis

  View on GitHub
  In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…
  ☆12May 25, 2016Updated 9 years ago
• jivoi / bovrflow

  View on GitHub
  buffer overflow examples
  ☆23Dec 20, 2017Updated 8 years ago
• telsy-cyberops / research

  View on GitHub
  Telsy CTI Research Team
  ☆57Dec 15, 2020Updated 5 years ago
• MII-Cybersec / Threat-Hunting-Notebook

  View on GitHub
  Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes
  ☆22Jun 15, 2022Updated 3 years ago
• tomchop / malcom

  View on GitHub
  Malcom - Malware Communications Analyzer
  ☆1,165Nov 29, 2017Updated 8 years ago
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,571Sep 21, 2025Updated 4 months ago
• 0xrawsec / gene

  View on GitHub
  Signature engine for all your logs
  ☆173Nov 13, 2023Updated 2 years ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• InQuest / yara-rules

  View on GitHub
  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
  ☆388May 11, 2022Updated 3 years ago
• paranoidninja / Threat-Hunting

  View on GitHub
  This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…
  ☆57Jan 10, 2018Updated 8 years ago