target/Threat-Hunting external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

target/Threat-Hunting

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/target/Threat-Hunting)

Close

target / Threat-HuntingView on GitHubMore

• External links
• Readme badge

Jupyter notebooks for threat hunting

☆60Mar 26, 2025Updated last year

Alternatives and similar repositories for Threat-Hunting

Users that are interested in Threat-Hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• theaj42 / presentations

  View on GitHub
  ☆17Jan 21, 2026Updated 2 months ago
• egaus / MaliciousMacroBot

  View on GitHub
  ☆154Dec 6, 2018Updated 7 years ago
• EricZimmerman / RegistryExplorerBookmarks

  View on GitHub
  Registry Explorer bookmark definitions
  ☆44Dec 19, 2024Updated last year
• MHaggis / notes

  View on GitHub
  Full of public notes and Utilities
  ☆132Jan 6, 2026Updated 2 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ConnorShride / box-ps

  View on GitHub
  Powershell sandboxing utility
  ☆20Mar 2, 2026Updated 3 weeks ago
• solomonsonya / Xavier_MemoryAnalysis_Framework

  View on GitHub
  Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.
  ☆46Jul 7, 2022Updated 3 years ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• blueteam0ps / memOptix

  View on GitHub
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97May 28, 2023Updated 2 years ago
• msuhanov / regf-samples

  View on GitHub
  Windows registry samples
  ☆24Nov 18, 2018Updated 7 years ago
• omerbenamram / winstructs

  View on GitHub
  Parsers for common structures across windows formats.
  ☆12Aug 23, 2023Updated 2 years ago
• nov3mb3r / trident

  View on GitHub
  A PowerShell incident response script for quick triage
  ☆81Jul 18, 2022Updated 3 years ago
• grayfold3d / Get-KapeModuleBinaries

  View on GitHub
  Parses KAPE module files and downloads binaries referenced by BinaryURL
  ☆18Oct 2, 2019Updated 6 years ago
• tsale / Sigma_rules

  View on GitHub
  Sigma rules to share with the community
  ☆124Jan 29, 2025Updated last year
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• cybersheepdog / Threat-Hunting-Metrics

  View on GitHub
  Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…
  ☆13Dec 7, 2022Updated 3 years ago
• ArsenalRecon / SdbaParser

  View on GitHub
  Parser for Sdba memory pool tags
  ☆21Jul 16, 2021Updated 4 years ago
• mandiant / win10_auto

  View on GitHub
  ☆24Aug 30, 2019Updated 6 years ago
• memprocfshunt / MemProcFSHunter

  View on GitHub
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆45May 12, 2021Updated 4 years ago
• theflakes / reg_hunter

  View on GitHub
  Blueteam operational triage registry hunting/forensic tool.
  ☆149Sep 2, 2025Updated 6 months ago
• dewoodruff / evtx_to_csv

  View on GitHub
  ☆15Jun 4, 2018Updated 7 years ago
• invictus-ir / ALFA

  View on GitHub
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆174Mar 2, 2026Updated 3 weeks ago
• 00010111 / gMetaDataParse

  View on GitHub
  ☆24Mar 12, 2025Updated last year
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆340Dec 3, 2025Updated 3 months ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• dlcowen / sansfor509

  View on GitHub
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆226Oct 26, 2025Updated 5 months ago
• petebryan / blue_team_con

  View on GitHub
  ☆17Aug 27, 2022Updated 3 years ago
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• qbrusa / Windows-Security-Event-ID-Helper

  View on GitHub
  This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…
  ☆11Mar 2, 2023Updated 3 years ago
• halpomeranz / linewatch

  View on GitHub
  ☆18Apr 16, 2015Updated 10 years ago
• agreenjay / sysmon

  View on GitHub
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Mar 23, 2020Updated 6 years ago
• ydkhatri / spotlight_queries

  View on GitHub
  Queries for parsed spotlight database in sqlite
  ☆13Dec 29, 2020Updated 5 years ago
• strozfriedberg / notatin

  View on GitHub
  A Windows registry file parser written in Rust
  ☆41Oct 30, 2025Updated 4 months ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆44Jul 18, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 4 years ago
• AndrewRathbun / VanillaWindowsRegistryHives

  View on GitHub
  A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…
  ☆53Oct 29, 2025Updated 4 months ago
• AbdulRhmanAlfaifi / lnk_parser

  View on GitHub
  lnk_parser is a full rust implementation to parse windows LNK files
  ☆23Feb 17, 2026Updated last month
• nccgroup / grepify

  View on GitHub
  Grepify the GUI Regex Text Scanner for Code Reviewers
  ☆23Apr 15, 2013Updated 12 years ago
• forensicmatt / RustyUsn

  View on GitHub
  USN to JSON
  ☆22Apr 4, 2020Updated 5 years ago
• shun-yo / Spaniel

  View on GitHub
  Malware analysis tool based on taint analysis.
  ☆14Jan 29, 2022Updated 4 years ago
• invictus-ir / aws_dataset

  View on GitHub
  A dataset with CloudTrail events from an attack simulation using Stratus.
  ☆25Jul 12, 2023Updated 2 years ago