Library of threat hunts to get any user started!
☆50 · Sep 4, 2020 · Updated 5 years ago
Alternatives and similar repositories for TheThreatHuntLibrary
Users that are interested in TheThreatHuntLibrary are comparing it to the libraries listed below.
- Threat Hunt Investigation Methodology and Procedure ☆15 · Jul 11, 2022 · Updated 3 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · Updated 4 years ago
- High-level Threat Intelligence playbooks ☆20 · Mar 6, 2021 · Updated 5 years ago
- MalwareAnalysis ☆12 · Dec 19, 2020 · Updated 5 years ago
- Here are some tools I developed to help analyze malware ☆11 · Nov 8, 2023 · Updated 2 years ago
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 9 months ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. ☆158 · Nov 30, 2021 · Updated 4 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆44 · Jul 18, 2022 · Updated 3 years ago
- Ekoparty's BlueSpace Keynote, November 2021. Shoutout to @plugxor, thank you very much!!! ☆13 · Jun 5, 2023 · Updated 2 years ago
- Repository with sample threat hunting notebooks on Security Event Log data sources ☆69 · Dec 2, 2022 · Updated 3 years ago
- Repository for different Windows DFIR related CMDs, PowerShell cmdlets, etc., plus workshops that I did for different conferences or event… ☆77 · Jul 13, 2021 · Updated 4 years ago
- PyVelociraptor contains the Python bindings for the Velociraptor API. ☆21 · Feb 11, 2026 · Updated last month
- A repository to share publicly available Velociraptor detection content ☆198 · Updated this week
- (no description) ☆33 · Feb 26, 2022 · Updated 4 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab. ☆22 · Apr 16, 2021 · Updated 4 years ago
- (no description) ☆37 · Aug 23, 2022 · Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆37 · Jul 11, 2023 · Updated 2 years ago
- Tools for hunting for threats. ☆599 · Apr 30, 2025 · Updated 11 months ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility ☆38 · Jul 18, 2024 · Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems ☆79 · Jan 9, 2024 · Updated 2 years ago
- Binary command-line executable to parse ETL files ☆69 · Jun 7, 2018 · Updated 7 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV ☆18 · Sep 3, 2024 · Updated last year
- Python script for parsing the ESET (NOD32) virlog.dat file. ☆14 · Sep 28, 2017 · Updated 8 years ago
- (no description) ☆22 · Jan 31, 2023 · Updated 3 years ago
- (no description) ☆12 · Jan 5, 2021 · Updated 5 years ago
- Repo that holds write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. ☆22 · Jan 5, 2025 · Updated last year
- #ThreatHunting #DFIR #Malware #Detection Mind Maps ☆304 · Nov 13, 2021 · Updated 4 years ago
- Repository with selected IOCs and YARA rules for threat hunting. ☆35 · May 21, 2025 · Updated 10 months ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. ☆107 · Mar 12, 2026 · Updated 2 weeks ago
- NetWitness Maltego integration project ☆18 · May 9, 2017 · Updated 8 years ago
- Threat Hunting & Incident Investigation with Osquery ☆217 · Mar 30, 2022 · Updated 4 years ago
- Hunt for keywords, mutexes, Windows events, registry keys, processes and scheduled tasks on a Windows machine ☆22 · Dec 8, 2024 · Updated last year
- Get intelligence info (tags, MITRE techniques, YARA and more) and find similar malware in a fast and easy way ☆19 · Jun 6, 2022 · Updated 3 years ago
- (no description) ☆33 · Oct 25, 2021 · Updated 4 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… ☆154 · Apr 25, 2022 · Updated 3 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP ☆35 · Sep 18, 2023 · Updated 2 years ago
- Extract messages from a local Microsoft Teams installation ☆15 · Jan 14, 2023 · Updated 3 years ago
- Threat Box Assessment Tool ☆19 · Mar 5, 2026 · Updated 3 weeks ago