Jupyter notebooks for threat hunting
☆61May 16, 2026Updated last week
Alternatives and similar repositories for Threat-Hunting
Users that are interested in Threat-Hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- ☆17Mar 31, 2026Updated last month
- ☆154Dec 6, 2018Updated 7 years ago
- Registry Explorer bookmark definitions☆45Dec 19, 2024Updated last year
- Full of public notes and Utilities☆133Jan 6, 2026Updated 4 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Powershell sandboxing utility☆19May 19, 2026Updated last week
- Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.☆46Jul 7, 2022Updated 3 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- A PowerShell incident response script for quick triage☆81Jul 18, 2022Updated 3 years ago
- Parses KAPE module files and downloads binaries referenced by BinaryURL☆18Oct 2, 2019Updated 6 years ago
- Sigma rules to share with the community☆126Jan 29, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…☆13Dec 7, 2022Updated 3 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- ☆24Aug 30, 2019Updated 6 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 5 years ago
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 8 months ago
- ☆15Jun 4, 2018Updated 7 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆181Mar 2, 2026Updated 2 months ago
- ☆23Mar 12, 2025Updated last year
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 5 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆229Oct 26, 2025Updated 7 months ago
- ☆17Aug 27, 2022Updated 3 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…☆11Mar 2, 2023Updated 3 years ago
- ☆18Apr 16, 2015Updated 11 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Mar 23, 2020Updated 6 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- A Windows registry file parser written in Rust☆40Oct 30, 2025Updated 6 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆58Mar 4, 2022Updated 4 years ago
- A repo that contains a recursive dump from the ROOT key of every Windows Registry hive (using KAPE) from a vanilla (clean) install of eve…☆52Oct 29, 2025Updated 6 months ago
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated 3 months ago
- Grepify the GUI Regex Text Scanner for Code Reviewers☆23Apr 15, 2013Updated 13 years ago
- USN to JSON☆22Apr 4, 2020Updated 6 years ago
- Malware analysis tool based on taint analysis.☆14Jan 29, 2022Updated 4 years ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆26Jul 12, 2023Updated 2 years ago