schwartz1375/Threat-Hunting-in-AWS external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

schwartz1375/Threat-Hunting-in-AWS

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/schwartz1375/Threat-Hunting-in-AWS)

Close

schwartz1375 / Threat-Hunting-in-AWSView on GitHubMore

• External links
• Readme badge

☆36Aug 23, 2022Updated 3 years ago

Alternatives and similar repositories for Threat-Hunting-in-AWS

Users that are interested in Threat-Hunting-in-AWS are comparing it to the libraries listed below

• Yamato-Security / suzaku-rules

  View on GitHub
  ☆11Dec 9, 2025Updated 3 months ago
• nuryslyrt / AttackImaginator

  View on GitHub
  LLM Supported Attack Scenario Creator from Code Review
  ☆14Oct 22, 2024Updated last year
• op7ic / amphunt

  View on GitHub
  This repository contains advanced threat hunting scripts for Cisco Secure Endpoint API. The scripts leverage the AMP API to hunt for thre…
  ☆14Jun 28, 2025Updated 8 months ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing

  View on GitHub
  DNS Dashboard for hunting and identifying beaconing
  ☆16Jul 29, 2020Updated 5 years ago
• Cyb3r-Monk / Cheat-Sheets

  View on GitHub
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Oct 7, 2022Updated 3 years ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• BenjiTrapp / aws-threat-hunting

  View on GitHub
  Short deep dive into Threat Hunting on AWS
  ☆17Oct 15, 2023Updated 2 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet

  View on GitHub
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆20Jul 1, 2023Updated 2 years ago
• chlaplan / MDE-Monitoring-App

  View on GitHub
  Troubleshooting MDE Workstations
  ☆42Jan 7, 2026Updated 2 months ago
• invictus-ir / Blue-team-app-Office-365-and-Azure

  View on GitHub
  ☆72Oct 21, 2024Updated last year
• svch0stz / TheThreatHuntLibrary

  View on GitHub
  Library of threat hunts to get any user started!
  ☆50Sep 4, 2020Updated 5 years ago
• kev365 / ToolFetcher

  View on GitHub
  A tool for fetching DFIR and other GitHub tools.
  ☆25Aug 2, 2025Updated 7 months ago
• EmissarySpider / ransomware-descendants

  View on GitHub
  A repository dedicated to tracking ransomware families based on leaked builders.
  ☆22Apr 17, 2024Updated last year
• Ignitetechnologies / myfiles

  View on GitHub
  Notes only
  ☆19May 2, 2022Updated 3 years ago
• invictus-ir / Sigma-AWS

  View on GitHub
  This repository contains the research and components of our research into using Sigma for AWS Incident Response.
  ☆31Jul 12, 2023Updated 2 years ago
• 5f0ne / pdf-examiner

  View on GitHub
  Provides an overview of the inner file structure of a PDF
  ☆24Sep 26, 2022Updated 3 years ago
• JPCERTCC / jpcert-yara

  View on GitHub
  JPCERT/CC public YARA rules repository
  ☆109Nov 14, 2025Updated 3 months ago
• jakob-source / falcon-crowdstrike

  View on GitHub
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆30Mar 2, 2021Updated 5 years ago
• ericw317 / TrailBytes

  View on GitHub
  Follow the trail of breadcrumbs left behind by any user on a computer or mounted disk image.
  ☆32Aug 28, 2025Updated 6 months ago
• PolitoInc / ELK-Hunting

  View on GitHub
  Threat Hunting with ELK Workshop (InfoSecWorld 2017)
  ☆65Oct 31, 2017Updated 8 years ago
• LogRhythm-Services / Axon-Content

  View on GitHub
  Community content for LogRhythm Axon. Includes Dashboards, searches, analytics rules, processing policies and more.
  ☆10Jul 26, 2024Updated last year
• Dutchosintguy / OSINT-workshop-sans

  View on GitHub
  Links to materials referenced in the SANS Tech Tuesday workshop June 30,2020
  ☆29Oct 7, 2020Updated 5 years ago
• yoryio / ShodanFavicon

  View on GitHub
  List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.
  ☆36Apr 14, 2024Updated last year
• cyb3rmik3 / Hunting-Lists

  View on GitHub
  A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
  ☆33Jul 23, 2024Updated last year
• mf1d3l / Splunk4DFIR

  View on GitHub
  Harness the power of Splunk for your investigations
  ☆157Oct 11, 2025Updated 4 months ago
• Permiso-io-tools / cloudtail

  View on GitHub
  ☆30Jan 13, 2026Updated last month
• thremulation-station / thremulation-station

  View on GitHub
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆39Dec 17, 2025Updated 2 months ago
• paladin316 / ThreatHunting

  View on GitHub
  This repo is where I store my Threat Hunting ideas/content
  ☆88May 9, 2023Updated 2 years ago
• mandiant / mandiant_managed_hunting

  View on GitHub
  Azure Deployment Templates for Mandiant Managed Huning
  ☆12Jun 1, 2023Updated 2 years ago
• davidgracemann / Flossx83

  View on GitHub
  Card Payments Simulation Tool For Indie Devs : Core Card Switch Engine, Fraud Engine, ATM/POS GUI Simulator , Admin Dash (Real-time MSG …
  ☆19Jun 15, 2025Updated 8 months ago
• somethingnew2-0 / SimpleCSPM

  View on GitHub
  GCP CSPM using Google Sheets
  ☆38Apr 4, 2025Updated 11 months ago
• iKnowJavaScript / terraform-aws-vulne-soldier

  View on GitHub
  This Terraform module consists of the configuration for automating the remediation of AWS EC2 vulnerabilities using AWS Inspector finding…
  ☆50Jul 4, 2025Updated 8 months ago
• Cyb3r-Monk / ACCD

  View on GitHub
  Active C&C Detector
  ☆156Oct 5, 2023Updated 2 years ago
• OWASP / www-chapter-coimbatore

  View on GitHub
  OWASP Coimbatore's Web & Project Repository
  ☆13Jan 23, 2026Updated last month
• NikolisSecurity / PhantomID

  View on GitHub
  A powerful hardware ID spoofing tool designed to modify system identifiers for privacy and security purposes. Change MAC addresses, HWID,…
  ☆26Feb 28, 2026Updated last week
• aws-samples / cluster-sample-app

  View on GitHub
  A very basic app written in Javascript and packaged as a Docker image to be used as a demo when testing clustered deployments in ECS/EKS.
  ☆11Jun 30, 2023Updated 2 years ago
• gbrembati / terraform-cloudguard-k8s-protection

  View on GitHub
  Project that creates a Kubernetes environment in Azure (AKS) and protects it with CloudGuard CSPM / Workload and Appsec technologies
  ☆10Jun 12, 2023Updated 2 years ago
• west-wind / Spring4Shell-Detection

  View on GitHub
  Lazy SPL to detect Spring4Shell exploitation
  ☆12Jul 8, 2022Updated 3 years ago
• Cyb3rWard0g / IntelRAGU

  View on GitHub
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆91Jan 29, 2024Updated 2 years ago