Library of threat hunts to get any user started!
☆50Sep 4, 2020Updated 5 years ago
Alternatives and similar repositories for TheThreatHuntLibrary
Users that are interested in TheThreatHuntLibrary are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- High-level Threat Intelligence playbooks☆21Mar 6, 2021Updated 5 years ago
- MalwareAnalysis☆12Dec 19, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 9 months ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆158Nov 30, 2021Updated 4 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!☆13Jun 5, 2023Updated 2 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆69Dec 2, 2022Updated 3 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Apr 8, 2026Updated last week
- A repository to share publicly available Velociraptor detection content☆202Apr 12, 2026Updated last week
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆33Feb 26, 2022Updated 4 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 5 years ago
- ☆38Aug 23, 2022Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Tools for hunting for threats.☆601Apr 30, 2025Updated 11 months ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆80Jan 9, 2024Updated 2 years ago
- Binary commandline executable to parse ETL files☆69Jun 7, 2018Updated 7 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Python script for parsing ESET (NOD32) virlog.dat file.☆14Sep 28, 2017Updated 8 years ago
- ☆22Jan 31, 2023Updated 3 years ago
- ☆12Jan 5, 2021Updated 5 years ago
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- #ThreatHunting #DFIR #Malware #Detection Mind Maps☆306Nov 13, 2021Updated 4 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35Apr 8, 2026Updated last week
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆108Mar 12, 2026Updated last month
- Netwitness Maltego integration Project☆18May 9, 2017Updated 8 years ago
- Threat Hunting & Incident Investigation with Osquery☆217Mar 30, 2022Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Dec 8, 2024Updated last year
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆19Jun 6, 2022Updated 3 years ago
- ☆33Oct 25, 2021Updated 4 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆35Sep 18, 2023Updated 2 years ago
- Extract messages from a local Microsoft Teams installation☆15Jan 14, 2023Updated 3 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated last month