thirdeyeintelligence/ThreatHunting external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

thirdeyeintelligence/ThreatHunting

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/thirdeyeintelligence/ThreatHunting)

Close

thirdeyeintelligence / ThreatHuntingView on GitHubMore

• External links
• Readme badge

An informational repo about hunting for adversaries in your IT environment.

☆14Apr 10, 2017Updated 8 years ago

Alternatives and similar repositories for ThreatHunting

Users that are interested in ThreatHunting are comparing it to the libraries listed below

• thirdeyeintelligence / Tools-mindmap

  View on GitHub
  mindmap created for tools can be used during analysis/investigation
  ☆28Jan 4, 2017Updated 9 years ago
• CERT-Bund / misp-warninglists-analyzer

  View on GitHub
  Checks observables/ioc in TheHive/Cortex against the MISP warningslists
  ☆14Dec 27, 2017Updated 8 years ago
• alphaSeclab / malware-ioc-hash

  View on GitHub
  Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.
  ☆19Sep 10, 2020Updated 5 years ago
• thirdeyeintelligence / IOCs-in-CSV-format

  View on GitHub
  The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research
  ☆12Jun 10, 2017Updated 8 years ago
• CdtDelta / YOP

  View on GitHub
  My Year of Python Repository
  ☆28Jun 13, 2020Updated 5 years ago
• aacgood / Cortex-Analyzers

  View on GitHub
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Jan 29, 2020Updated 6 years ago
• phainlen / DNS-Hunting

  View on GitHub
  Use DNS to hunt for threats including DGAs
  ☆15Jan 4, 2016Updated 10 years ago
• LDO-CERT / mans_to_es

  View on GitHub
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆16Feb 17, 2023Updated 3 years ago
• clr2of8 / DeployREMnux

  View on GitHub
  DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).
  ☆16Dec 20, 2019Updated 6 years ago
• CIRCL / cuckoo-modified

  View on GitHub
  Modified edition of cuckoo
  ☆18Feb 14, 2018Updated 8 years ago
• grahamhelton / SansTerminalIndexer

  View on GitHub
  Easily create index of your SANS books
  ☆18Oct 28, 2022Updated 3 years ago
• CanTopay / thehive-playbook-creator

  View on GitHub
  A script to create and assign SOP tasks into the cases
  ☆20Aug 16, 2020Updated 5 years ago
• williballenthin / LfLe

  View on GitHub
  Recover event log entries from an image by heurisitically looking for record structures.
  ☆26Oct 9, 2015Updated 10 years ago
• thirdeyeintelligence / Memoirs-of-a-Threat-Hunter

  View on GitHub
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19May 27, 2017Updated 8 years ago
• jstnk9 / TIBER-Cases

  View on GitHub
  TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …
  ☆27Jul 13, 2022Updated 3 years ago
• LogRhythm-Labs / VirusTotal

  View on GitHub
  VirusTotal SIEM Integration and Automation
  ☆18Jan 16, 2017Updated 9 years ago
• superponible / DFIR

  View on GitHub
  Various DFIR Tools
  ☆27Jul 23, 2018Updated 7 years ago
• devgc / SrumMonkey

  View on GitHub
  Tool to parse SRU database
  ☆25Mar 1, 2018Updated 7 years ago
• jordisk / TheHive2Sigma

  View on GitHub
  Python script to automatically create sigma rules from The hive observables
  ☆25Mar 17, 2019Updated 6 years ago
• dkovar / ircollect

  View on GitHub
  ircollect
  ☆31Aug 7, 2013Updated 12 years ago
• adulau / misp-osint-collection

  View on GitHub
  Collection of best practices to add OSINT into MISP and/or MISP communities
  ☆65Sep 29, 2023Updated 2 years ago
• osV22 / ATTACK-Force-Graph

  View on GitHub
  Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively
  ☆38Apr 19, 2025Updated 10 months ago
• PoorBillionaire / USN-Record-Carver

  View on GitHub
  Carve NTFS USN records from binary data
  ☆27May 21, 2017Updated 8 years ago
• StrangeBeeCorp / thehive-templates

  View on GitHub
  ☆28Nov 25, 2025Updated 3 months ago
• LogRhythm-Labs / PIE

  View on GitHub
  The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365
  ☆180Apr 13, 2020Updated 5 years ago
• defensivedepth / Pertinax

  View on GitHub
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Feb 20, 2024Updated 2 years ago
• SecurityNik / QRadar---Threat-Intelligence-On-The-Cheap

  View on GitHub
  Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs
  ☆69Aug 13, 2021Updated 4 years ago
• teamdfir / concordance

  View on GitHub
  Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.
  ☆69Aug 7, 2020Updated 5 years ago
• Zer01TI / scripts

  View on GitHub
  scripts
  ☆10Aug 25, 2023Updated 2 years ago
• awais922609 / Lets-Defend-Solutions

  View on GitHub
  The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…
  ☆12Apr 27, 2023Updated 2 years ago
• desecsecurity / novo-pentest-profissional

  View on GitHub
  Informações extras referentes ao Treinamento Novo Pentest Profissional - https://desecsecurity.com/novo-pentest-profissional
  ☆15May 13, 2023Updated 2 years ago
• packetrat / packethunting

  View on GitHub
  Resources and materials for DEF CON 2018 Packet Hunting Workshop
  ☆79Aug 12, 2018Updated 7 years ago
• certsocietegenerale / event2timeline

  View on GitHub
  Simple Microsoft Windows sessions event logs visualization
  ☆156May 2, 2022Updated 3 years ago
• benyG / RProcDump

  View on GitHub
  Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline
  ☆35Jan 3, 2020Updated 6 years ago
• dutchcoders / lootbox

  View on GitHub
  Lootbox downloads open directories shared on Twitter.
  ☆35Mar 28, 2021Updated 4 years ago
• klemmestad / PowerShell

  View on GitHub
  PowerShell scripts
  ☆11Feb 19, 2018Updated 8 years ago
• vbuterin / orb-hardware

  View on GitHub
  Hardware specifications and schematics for the Worldcoin Orb.
  ☆10Jul 18, 2023Updated 2 years ago
• CircuitSoul / c4mund0n60

  View on GitHub
  c4mund0n60 is a tool that use output of known tools for generate smart information about a domain
  ☆11Sep 20, 2023Updated 2 years ago
• csirtgadgets / csirtg-smrt-v1

  View on GitHub
  the fastest way to consume threat intelligence.
  ☆30Mar 9, 2023Updated 2 years ago