Sharing Threat Hunting runbooks
☆26Jul 5, 2019Updated 6 years ago
Alternatives and similar repositories for ThreatPlays
Users that are interested in ThreatPlays are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An attempt to automated hunting for delegation access across the domain☆27Jan 17, 2019Updated 7 years ago
- A curated threat modeling library collection☆24Dec 1, 2023Updated 2 years ago
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆88Oct 4, 2023Updated 2 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 8 years ago
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆20Oct 9, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated 2 years ago
- POC code to crash Windows Event Logger Service☆27Oct 16, 2020Updated 5 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Apr 10, 2020Updated 6 years ago
- ☆78Jun 25, 2019Updated 6 years ago
- ☆14Jun 28, 2017Updated 8 years ago
- A small JS library to generate parametric SVG images of locks and keys, animate them and integrate onto web pages. Released as a support…☆18Aug 10, 2022Updated 3 years ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆462Feb 4, 2022Updated 4 years ago
- Searches for Insider Threat Hunting☆30May 2, 2019Updated 7 years ago
- The Fastest way to consume Threat Intel☆26Apr 30, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆39Jul 22, 2021Updated 4 years ago
- Public Landing Page☆16Jan 7, 2023Updated 3 years ago
- Detecting ATT&CK techniques & tactics for Linux☆258Oct 1, 2020Updated 5 years ago
- ☆14Feb 8, 2020Updated 6 years ago
- A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.☆20Jul 17, 2024Updated last year
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆36Aug 12, 2022Updated 3 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12May 16, 2020Updated 6 years ago
- Some of the lab files for the SANS Institute course SEC505: Securing Windows and PowerShell Automation: https://sans.org/sec505☆18Jun 8, 2017Updated 8 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆55Jan 24, 2018Updated 8 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- Various Malware-Related Utilities☆10Aug 4, 2016Updated 9 years ago
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research☆12Jun 10, 2017Updated 8 years ago
- The tutorial of "Kubernetes Security for Microservices"☆14Oct 3, 2023Updated 2 years ago
- Vulnerable Terraform Projects - Fork of https://github.com/bridgecrewio/terragoat☆17Apr 23, 2024Updated 2 years ago
- A multi-cloud setup of managed Kubernetes Clusters.☆20Mar 8, 2024Updated 2 years ago
- ☆16Apr 30, 2023Updated 3 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- the fastest way to consume threat intelligence.☆30Mar 9, 2023Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Decentralized Cyber Threat Intelligence Kaizen Framework☆27Jan 31, 2022Updated 4 years ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆19Jun 12, 2022Updated 3 years ago
- A high-level HTTP / REST client for Node☆29Oct 2, 2020Updated 5 years ago
- ☆11Dec 7, 2025Updated 5 months ago
- Cybersecurity Incident Response Plan☆111Oct 2, 2020Updated 5 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆35Sep 18, 2023Updated 2 years ago
- Tool to transfer credential files from Firefox to your local machine to decrypt offline.☆22Nov 20, 2021Updated 4 years ago