thirdeyeintelligence/ThreatHunting external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

thirdeyeintelligence/ThreatHunting

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/thirdeyeintelligence/ThreatHunting)

Close

thirdeyeintelligence / ThreatHuntingView on GitHubMore

• External links
• Readme badge

An informational repo about hunting for adversaries in your IT environment.

☆14Apr 10, 2017Updated 9 years ago

Alternatives and similar repositories for ThreatHunting

Users that are interested in ThreatHunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• thirdeyeintelligence / Tools-mindmap

  View on GitHub
  mindmap created for tools can be used during analysis/investigation
  ☆28Jan 4, 2017Updated 9 years ago
• CERT-Bund / misp-warninglists-analyzer

  View on GitHub
  Checks observables/ioc in TheHive/Cortex against the MISP warningslists
  ☆14Dec 27, 2017Updated 8 years ago
• CdtDelta / YOP

  View on GitHub
  My Year of Python Repository
  ☆28Jun 13, 2020Updated 6 years ago
• superponible / DFIR

  View on GitHub
  Various DFIR Tools
  ☆27Jul 23, 2018Updated 7 years ago
• dkovar / ircollect

  View on GitHub
  ircollect
  ☆31Aug 7, 2013Updated 12 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• phainlen / DNS-Hunting

  View on GitHub
  Use DNS to hunt for threats including DGAs
  ☆15Jan 4, 2016Updated 10 years ago
• CIRCL / cuckoo-modified

  View on GitHub
  Modified edition of cuckoo
  ☆18Feb 14, 2018Updated 8 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆11Jan 10, 2023Updated 3 years ago
• devgc / SrumMonkey

  View on GitHub
  Tool to parse SRU database
  ☆25Mar 1, 2018Updated 8 years ago
• thirdeyeintelligence / Memoirs-of-a-Threat-Hunter

  View on GitHub
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19May 27, 2017Updated 9 years ago
• alphaSeclab / malware-ioc-hash

  View on GitHub
  Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.
  ☆19Sep 10, 2020Updated 5 years ago
• clr2of8 / DeployREMnux

  View on GitHub
  DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).
  ☆16Dec 20, 2019Updated 6 years ago
• aacgood / Cortex-Analyzers

  View on GitHub
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Jan 29, 2020Updated 6 years ago
• longlene / clx

  View on GitHub
  clx overlay
  ☆11Jun 22, 2026Updated last week
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• thirdeyeintelligence / IOCs-in-CSV-format

  View on GitHub
  The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research
  ☆12Jun 10, 2017Updated 9 years ago
• defensivedepth / Pertinax

  View on GitHub
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Feb 20, 2024Updated 2 years ago
• certsocietegenerale / event2timeline

  View on GitHub
  Simple Microsoft Windows sessions event logs visualization
  ☆154May 2, 2022Updated 4 years ago
• joxeankoret / deeptoad

  View on GitHub
  DeepToad is a library and a tool to clusterize similar files using fuzzy hashing
  ☆20Apr 5, 2020Updated 6 years ago
• sailuh / perceive

  View on GitHub
  PERCEIVE is a project incubator inspired by Apache Incubator and Stack Exchange's Area 51. It serves as a staging zone repository for the…
  ☆13May 21, 2018Updated 8 years ago
• adulau / misp-osint-collection

  View on GitHub
  Collection of best practices to add OSINT into MISP and/or MISP communities
  ☆65Sep 29, 2023Updated 2 years ago
• grahamhelton / SansTerminalIndexer

  View on GitHub
  Easily create index of your SANS books
  ☆18Oct 28, 2022Updated 3 years ago
• austininfosecfounders / obsidian-obsessions

  View on GitHub
  Collection of scripts, patterns, tips, notes, etc for Obsidian.md users
  ☆14Mar 5, 2025Updated last year
• CIRCL / bgpranking-redis-api

  View on GitHub
  API to access the Redis database of a BGP Ranking instance.
  ☆17Dec 11, 2017Updated 8 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• LDO-CERT / mans_to_es

  View on GitHub
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆17Feb 17, 2023Updated 3 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• pcbje / relational-timeline

  View on GitHub
  Visualization of interaction between entities
  ☆17Nov 28, 2016Updated 9 years ago
• S3cur3Th1sSh1t / MailSniper

  View on GitHub
  MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…
  ☆19Jan 28, 2022Updated 4 years ago
• sakaki- / gentoo-on-armory

  View on GitHub
  Bootable Gentoo image for USB armory, with Linux 4.3.0
  ☆12Mar 25, 2017Updated 9 years ago
• CanTopay / thehive-playbook-creator

  View on GitHub
  A script to create and assign SOP tasks into the cases
  ☆20Aug 16, 2020Updated 5 years ago
• StamusNetworks / KTS5

  View on GitHub
  Kibana 5 Templates for Suricata IDPS
  ☆43May 30, 2018Updated 8 years ago
• Powershell-Offense / Post-Exploitation

  View on GitHub
  \ PowerAvails Powershell /
  ☆10Jun 30, 2018Updated 7 years ago
• juhele / CzechRad

  View on GitHub
  Mobile detector for radiation mapping - similar to SAFECAST bGeigie Nano
  ☆16May 18, 2026Updated last month
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• miztiik / serverless-kms-key-rotator

  View on GitHub
  AWS KMS Encryption & Decyption using CLI & Lambda
  ☆10Apr 12, 2021Updated 5 years ago
• osV22 / ATTACK-Force-Graph

  View on GitHub
  Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively
  ☆39Apr 19, 2025Updated last year
• CIRCL / pystemon

  View on GitHub
  Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
  ☆44Jan 31, 2021Updated 5 years ago
• analyzeDFIR / analyzePF

  View on GitHub
  Tool for analysis of Windows Prefetch files
  ☆26Nov 11, 2018Updated 7 years ago
• pcengines / linux-gpio-nct5104d

  View on GitHub
  NCT5104D GPIO Linux Driver
  ☆13Jan 5, 2024Updated 2 years ago
• fygrave / iocmap

  View on GitHub
  Indicator of Compromise Mapping Service
  ☆12Apr 15, 2014Updated 12 years ago
• jstnk9 / TIBER-Cases

  View on GitHub
  TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …
  ☆27Jul 13, 2022Updated 3 years ago