Alternatives and similar repositories for Splunk-Threat-Hunting

Users that are interested in Splunk-Threat-Hunting are comparing it to the libraries listed below

• west-wind / Threat-Hunting-With-Splunk

  View on GitHub
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆68Apr 29, 2024Updated last year
• Truvis / SplunkDashboards

  View on GitHub
  Collection of Dashboards for Threat Hunting and more!
  ☆73Oct 17, 2020Updated 5 years ago
• NorthfieldCreative / splunk-crowdstrike-event-queries

  View on GitHub
  ☆14Jan 2, 2025Updated last year
• EvolvingSysadmin / Splunk-Tools

  View on GitHub
  Collection of Splunking Tools, SPL Code and Resources
  ☆15Jan 30, 2025Updated last year
• tmuth / splunking-oracle

  View on GitHub
  Queries, Dashboards, and Splunk Knowledge Objects to Monitor Oracle Database Metrics
  ☆14Mar 11, 2021Updated 4 years ago
• ChrisForsythe / SplunkStuff

  View on GitHub
  A repository for generalized splunk code, dashboards, resources and suggestions/recommendations.
  ☆32Dec 13, 2022Updated 3 years ago
• inodee / threathunting-spl

  View on GitHub
  Splunk code (SPL) for serious threat hunters and detection engineers.
  ☆289Jan 15, 2024Updated 2 years ago
• Securityinbits / cheatsheet

  View on GitHub
  These are some of the commands which I use frequently during Malware Analysis and DFIR.
  ☆24Jan 8, 2024Updated 2 years ago
• splunk / rwi_executive_dashboard

  View on GitHub
  Splunk Remote Work Insights - Executive Dashboard
  ☆43Aug 20, 2020Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules

  View on GitHub
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Jul 27, 2022Updated 3 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing

  View on GitHub
  DNS Dashboard for hunting and identifying beaconing
  ☆16Jul 29, 2020Updated 5 years ago
• BinaryDefense / YaraMemoryScanner

  View on GitHub
  Simple PowerShell script to enable process scanning with Yara.
  ☆98Oct 4, 2022Updated 3 years ago
• topher-lo / hunts

  View on GitHub
  🐻‍❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
  ☆14May 22, 2024Updated last year
• SCS-Labs / TheWatchList

  View on GitHub
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16May 21, 2021Updated 4 years ago
• rndmIdi0cy / Menagerie

  View on GitHub
  Crowdstrike response script containing various functions for IR/triage
  ☆12Dec 7, 2020Updated 5 years ago
• AllsafeCyberSecurity / Ghidra_Data_Type

  View on GitHub
  for Windows Malware Analysis
  ☆15May 14, 2020Updated 5 years ago
• sk4la / plast

  View on GitHub
  Modular command-line threat hunting tool & framework.
  ☆17Jul 20, 2020Updated 5 years ago
• splunk / splunkrepl

  View on GitHub
  An awesome little REPL for issuing SPLUNK queries
  ☆28Dec 18, 2015Updated 10 years ago
• chronicle / cli

  View on GitHub
  A CLI tool for managing Chronicle user workflows
  ☆18Sep 24, 2025Updated 4 months ago
• alatif113 / mitre_attck_heatmap

  View on GitHub
  ☆19Dec 9, 2024Updated last year
• CIRCL / forensic-tools

  View on GitHub
  CIRCL system forensic tools or a jumble of tools to support forensic
  ☆41Jan 20, 2023Updated 3 years ago
• Borosan / bash-scripting-cheatsheet

  View on GitHub
  bash scripting cheatsheet.
  ☆21Oct 13, 2021Updated 4 years ago
• cocaman / analysis_scripts

  View on GitHub
  Collection of scripts used to analyse malware or emails
  ☆20Oct 6, 2020Updated 5 years ago
• splunk / securitydatasets

  View on GitHub
  Home for Splunk security datasets.
  ☆128Mar 18, 2020Updated 5 years ago
• LukeMurphey / splunk-dashboard-tabs-example

  View on GitHub
  An example of the use of tabs on a Splunk dashboard. #splunk
  ☆22Aug 26, 2023Updated 2 years ago
• bannsec / autopsy_docker

  View on GitHub
  Docker build for autopsy
  ☆21Apr 13, 2021Updated 4 years ago
• veeral-patel / true-positive

  View on GitHub
  Collaborative, web-based case management for incident response
  ☆24Jan 23, 2024Updated 2 years ago
• Th1ru-M / Windows-Threat-Hunting

  View on GitHub
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Dec 8, 2024Updated last year
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 3 years ago
• MHaggis / notes

  View on GitHub
  Full of public notes and Utilities
  ☆130Jan 6, 2026Updated last month
• malice-plugins / yara

  View on GitHub
  Malice Yara Plugin
  ☆30Sep 8, 2019Updated 6 years ago
• angry-bender / forensicssetup

  View on GitHub
  An open source project aimed to replicate the Windows SIFT Machine and tools used during SANS Courses minus any payware software.
  ☆25Oct 18, 2023Updated 2 years ago
• christian-taillon / splunk-spl

  View on GitHub
  SPL cheatsheet for Splunk.
  ☆26Dec 2, 2022Updated 3 years ago
• jivoi / ids_and_siem

  View on GitHub
  intrusion detection
  ☆26Jun 14, 2017Updated 8 years ago
• mthcht / lookup-editor_scripts

  View on GitHub
  scripts using splunk application lookup-editor endpoint. Download, upload and update splunk lookups content
  ☆31Jul 1, 2024Updated last year
• pwnwiki / dfirwiki

  View on GitHub
  Digital Forensics and Incident Response Wiki
  ☆40May 19, 2014Updated 11 years ago
• tropChaud / Cyber-Adversary-Heatmaps

  View on GitHub
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆36Aug 12, 2022Updated 3 years ago
• Fadavvi / Yara-Repo

  View on GitHub
  A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-system…
  ☆28Aug 26, 2023Updated 2 years ago
• Neo23x0 / cyber-chef-recipes

  View on GitHub
  Recipes for GCHQ's CyberChef Web App
  ☆39Nov 15, 2018Updated 7 years ago