sophos/solarwinds-threathunt external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sophos/solarwinds-threathunt

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sophos/solarwinds-threathunt)

Close

sophos / solarwinds-threathuntView on GitHubMore

• External links
• Readme badge

Threathunt details for the Solarwinds compromise

☆33Jun 26, 2021Updated 4 years ago

Alternatives and similar repositories for solarwinds-threathunt

Users that are interested in solarwinds-threathunt are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• rkovar / sunburstlookups

  View on GitHub
  Quick lookup files for SUNBURST Backdoor
  ☆12Dec 15, 2020Updated 5 years ago
• TakahiroHaruyama / onigiri

  View on GitHub
  onigiri - remote malware triage script
  ☆24Nov 5, 2015Updated 10 years ago
• malice-plugins / office

  View on GitHub
  Malice Office/OLE/RTF Plugin
  ☆13Aug 29, 2018Updated 7 years ago
• jipegit / IncidentsMindMaps

  View on GitHub
  Cybersecurity Incidents Mind Maps
  ☆34Sep 29, 2021Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• LuemmelSec / impacket

  View on GitHub
  Impacket is a collection of Python classes for working with network protocols.
  ☆10Mar 24, 2026Updated 2 months ago
• keydet89 / LNK

  View on GitHub
  Repository for LNK stuff
  ☆31Aug 31, 2022Updated 3 years ago
• harvard-itsecurity / qradar-seculert-push

  View on GitHub
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆17Nov 5, 2013Updated 12 years ago
• chrisdfir / sysmon2splunk

  View on GitHub
  The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.
  ☆10Sep 28, 2020Updated 5 years ago
• grapl-security / grapl-analyzers

  View on GitHub
  Hosted analyzers built for Grapl
  ☆14Dec 26, 2022Updated 3 years ago
• joshbrunty / SysScout

  View on GitHub
  SysScout is a fully encapsulated script that quickly and easily pulls local machine information from Linux-Based systems. A simple, easy…
  ☆13Oct 20, 2017Updated 8 years ago
• strozfriedberg / liblightgrep

  View on GitHub
  Fast multipattern regular expression searching for digital forensics
  ☆18Jul 31, 2019Updated 6 years ago
• PwCUK-CTO / SANSCTISummit2021-xStart

  View on GitHub
  Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
  ☆14Jul 12, 2021Updated 4 years ago
• Velocidex / eql2vql

  View on GitHub
  Transform EQL detection rules to VQL artifacts
  ☆12Nov 12, 2021Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• exp0se / harbinger

  View on GitHub
  Harbinger Threat Intelligence
  ☆83Dec 8, 2015Updated 10 years ago
• dafthack / zphisher

  View on GitHub
  Automated Phishing Tool
  ☆11May 27, 2020Updated 6 years ago
• MHaggis / CBR-Queries

  View on GitHub
  Collection of useful, up to date, Carbon Black Response Queries
  ☆86Oct 23, 2020Updated 5 years ago
• robertdebock / ansible-role-auditd

  View on GitHub
  Install and configure auditd on your system.
  ☆22Mar 17, 2026Updated 2 months ago
• gajos112 / PowerShell-Timeliner

  View on GitHub
  ☆12Jun 3, 2022Updated 4 years ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• 2igosha / sunburst_dga

  View on GitHub
  ☆22Dec 22, 2020Updated 5 years ago
• bromiley / tools

  View on GitHub
  Various tools and scripts
  ☆43Nov 30, 2022Updated 3 years ago
• gopi-123 / Speech_To_Text

  View on GitHub
  Recognizes your speech in mp3 audio file, wav file or laptop microphone and converts to text
  ☆10Nov 18, 2019Updated 6 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• svincode / BlueTeam

  View on GitHub
  A bunch of scripts used for network defense during competitions.
  ☆15Apr 3, 2015Updated 11 years ago
• mandiant / sunburst_countermeasures

  View on GitHub
  ☆562Jun 1, 2023Updated 3 years ago
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• aff4 / aff4-cpp-lite

  View on GitHub
  A lightweight C++/C AFF4 reader library
  ☆15Feb 5, 2026Updated 4 months ago
• Maboalenen / DFIR

  View on GitHub
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆48Jan 2, 2022Updated 4 years ago
• kost / docker-sift

  View on GitHub
  Docker container of SANS Investigative Forensic Toolkit (SIFT) Workstation Version 3
  ☆10Oct 9, 2016Updated 9 years ago
• AhmedKamal1432 / Evilize

  View on GitHub
  Triaging Windows event logs based on SANS Poster
  ☆47Nov 22, 2025Updated 6 months ago
• sophoslabs / covid-iocs

  View on GitHub
  Malware, spam, and phishing indicators of compromise that involve the use of COVID-19 or coronavirus in some way
  ☆35Jul 4, 2020Updated 5 years ago
• seth1002 / tracecorn_tina

  View on GitHub
  a modified version base on Tracecorn
  ☆20Oct 29, 2019Updated 6 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• dibsy / Recipies-Of-A-Jenkins-Hacker

  View on GitHub
  Jenkins Security Research or Hacking Jenkins ;)
  ☆12Dec 10, 2024Updated last year
• jdu2600 / API-To-ETW

  View on GitHub
  Uses ghidra to find all ETW write metadata for each API in a PE file
  ☆29Jul 26, 2024Updated last year
• forensiclunch / ETLParser

  View on GitHub
  Binary commandline executable to parse ETL files
  ☆69Jun 7, 2018Updated 8 years ago
• EricZimmerman / iisGeolocate

  View on GitHub
  geolocate ip addresses in IIS logs
  ☆21May 10, 2026Updated last month
• gcochard / hibp-downloader

  View on GitHub
  Download all the HIBP passwords
  ☆12Apr 6, 2023Updated 3 years ago
• iAbadia / Volatility-Plugin-Tutorial

  View on GitHub
  Development guide for Volatility Plugins
  ☆22Sep 6, 2017Updated 8 years ago
• zero2504 / Fairy-Law

  View on GitHub
  Fairy Law - Compromise or disable EDR security solutions
  ☆79Dec 1, 2025Updated 6 months ago