Alternatives and similar repositories for SANS-CTI-Summit-2021

Users that are interested in SANS-CTI-Summit-2021 are comparing it to the libraries listed below

• BitsOfBinary / yarabuilder

  View on GitHub
  Python 3 library to build YARA rules.
  ☆13Oct 24, 2021Updated 4 years ago
• OllieJC / tbat

  View on GitHub
  Threat Box Assessment Tool
  ☆19Aug 15, 2021Updated 4 years ago
• kyle-phillips / adversarial-tools

  View on GitHub
  A collection of tools adversaries commonly use in an attack.
  ☆14Nov 23, 2024Updated last year
• gertjanbruggink / presentations

  View on GitHub
  This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…
  ☆17Feb 13, 2025Updated last year
• cutaway-security / cutsec_presentations

  View on GitHub
  Presentation Slides and Resources
  ☆16Jun 12, 2024Updated last year
• PwCUK-CTO / SANSCTISummit2021-xStart

  View on GitHub
  Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
  ☆14Jul 12, 2021Updated 4 years ago
• nov3mb3r / trident

  View on GitHub
  A PowerShell incident response script for quick triage
  ☆81Jul 18, 2022Updated 3 years ago
• swisscom / Invoke-Forensics

  View on GitHub
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆117Nov 28, 2023Updated 2 years ago
• joshlemon / DFIR-Reference-Frameworks

  View on GitHub
  Repository of public reference frameworks for the DFIR community.
  ☆121Jul 4, 2023Updated 2 years ago
• pstirparo / threatintel-resources

  View on GitHub
  Resources, tools and utilities about Threat Intelligence
  ☆82Mar 18, 2023Updated 2 years ago
• cmdaltr / elrond

  View on GitHub
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Nov 23, 2025Updated 2 months ago
• cyberdefenders / DetectionLabELK

  View on GitHub
  DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
  ☆573Dec 12, 2021Updated 4 years ago
• mandiant / vbScript_deobfuscator

  View on GitHub
  Help deobfuscate VBScript
  ☆18Jul 1, 2022Updated 3 years ago
• infosec-intern / vscode-yara

  View on GitHub
  VSCode extension for the YARA pattern matching language
  ☆63Jan 10, 2024Updated 2 years ago
• ashwin-patil / threat-hunting-with-notebooks

  View on GitHub
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆69Dec 2, 2022Updated 3 years ago
• cado-security / rip_raw

  View on GitHub
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆134Jan 31, 2022Updated 4 years ago
• jwillyamz / ezEmu

  View on GitHub
  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
  ☆108Feb 12, 2023Updated 3 years ago
• 3CORESec / MAL-CL

  View on GitHub
  MAL-CL (Malicious Command-Line)
  ☆322Jan 10, 2023Updated 3 years ago
• Cyb3rWard0g / infosec-well-done

  View on GitHub
  A few quick recipes for those that do not have much time during the day
  ☆22Oct 28, 2024Updated last year
• flowintel / cocktailparty

  View on GitHub
  CocktailParty is a data broker system based on phoenix framework
  ☆23Apr 23, 2025Updated 9 months ago
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 3 years ago
• center-for-threat-informed-defense / cti-blueprints

  View on GitHub
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆281Mar 20, 2025Updated 10 months ago
• jipegit / IncidentsMindMaps

  View on GitHub
  Cybersecurity Incidents Mind Maps
  ☆34Sep 29, 2021Updated 4 years ago
• advanced-threat-research / DarkSide-Config-Extract

  View on GitHub
  ☆35Oct 29, 2021Updated 4 years ago
• AndrewRathbun / Awesome-KAPE

  View on GitHub
  A curated list of KAPE-related resources
  ☆179May 1, 2025Updated 9 months ago
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆212May 16, 2022Updated 3 years ago
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• WithSecureLabs / FLAIR

  View on GitHub
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆16Jul 5, 2021Updated 4 years ago
• chihebchebbi / Sentinel2Attack

  View on GitHub
  ☆14Mar 5, 2021Updated 4 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,262Jan 21, 2026Updated 3 weeks ago
• cutaway-security / cutsec_tools

  View on GitHub
  Scripts and other tools to helps parse data or gather information
  ☆67Nov 27, 2022Updated 3 years ago
• sbousseaden / Slides

  View on GitHub
  Misc Threat Hunting Resources
  ☆377Jan 26, 2023Updated 3 years ago
• pe3zx / mthc

  View on GitHub
  All-in-one bundle of MISP, TheHive and Cortex
  ☆169Sep 27, 2022Updated 3 years ago
• stairwell-inc / threat-research

  View on GitHub
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Jan 31, 2024Updated 2 years ago
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆342Dec 3, 2025Updated 2 months ago
• RealityNet / attack-coverage

  View on GitHub
  an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques
  ☆189May 5, 2022Updated 3 years ago
• ninoseki / mihari

  View on GitHub
  A query aggregator for OSINT based threat hunting
  ☆930Jan 23, 2026Updated 3 weeks ago
• praetorian-inc / trident

  View on GitHub
  automated password spraying tool
  ☆148Jun 15, 2021Updated 4 years ago
• 3c7 / yaramanager

  View on GitHub
  Simple yara rule manager
  ☆66Dec 27, 2022Updated 3 years ago