w8mej/ThreatPlays external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

w8mej/ThreatPlays

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/w8mej/ThreatPlays)

Close

w8mej / ThreatPlaysView on GitHubMore

• External links
• Readme badge

Sharing Threat Hunting runbooks

☆26Jul 5, 2019Updated 6 years ago

Alternatives and similar repositories for ThreatPlays

Users that are interested in ThreatPlays are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• NotSoSecure / AD_delegation_hunting

  View on GitHub
  An attempt to automated hunting for delegation access across the domain
  ☆27Jan 17, 2019Updated 7 years ago
• w8mej / Threat_Modeling_Bank

  View on GitHub
  A curated threat modeling library collection
  ☆24Dec 1, 2023Updated 2 years ago
• tobor88 / PowerShell-Blue-Team

  View on GitHub
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆88Oct 4, 2023Updated 2 years ago
• securycore / ThreatHunting

  View on GitHub
  Powershell collection designed to assist in Threat Hunting Windows systems.
  ☆27Apr 13, 2018Updated 8 years ago
• BlackPerl-DFIR / IR-Cheatsheets

  View on GitHub
  This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team
  ☆20Oct 9, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• thirdeyeintelligence / Memoirs-of-a-Threat-Hunter

  View on GitHub
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19May 27, 2017Updated 8 years ago
• InfamousSYN / bloodhound-queries

  View on GitHub
  custom bloodhound queries and knowledge base
  ☆12Apr 16, 2024Updated 2 years ago
• LearningKijo / LearningKijo

  View on GitHub
  Config files for my GitHub profile.
  ☆26Apr 16, 2025Updated last year
• tiburon-security / sriracha-iq

  View on GitHub
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Apr 10, 2020Updated 6 years ago
• Securosis / The-CISOs-Guide-to-Cloud-Security

  View on GitHub
  ☆27Dec 6, 2013Updated 12 years ago
• sans-blue-team / sec555-wiki

  View on GitHub
  ☆78Jun 25, 2019Updated 6 years ago
• Securosis / BlackHatLabs

  View on GitHub
  ☆14Jun 28, 2017Updated 8 years ago
• asecurityguru / just-another-vulnerable-java-application

  View on GitHub
  ☆11Feb 8, 2026Updated 3 months ago
• bgraydon / lockview

  View on GitHub
  A small JS library to generate parametric SVG images of locks and keys, animate them and integrate onto web pages. Released as a support…
  ☆18Aug 10, 2022Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• usnistgov / opensource

  View on GitHub
  Public home for NIST open source software catalog
  ☆19Mar 26, 2026Updated last month
• Securosis / SecuritySquirrel

  View on GitHub
  ☆31Feb 24, 2014Updated 12 years ago
• sans-blue-team / blue-team-wiki

  View on GitHub
  Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries
  ☆462Feb 4, 2022Updated 4 years ago
• randomuserid / Baltar

  View on GitHub
  Searches for Insider Threat Hunting
  ☆30May 2, 2019Updated 7 years ago
• csirtgadgets / verbose-robot

  View on GitHub
  The Fastest way to consume Threat Intel
  ☆26Apr 30, 2022Updated 4 years ago
• secprentice / PowerShellWatchlist

  View on GitHub
  List of PowerShell commands and commandlets that should be in your Powershel watchlist
  ☆39Jul 22, 2021Updated 4 years ago
• TTP0 / info

  View on GitHub
  Public Landing Page
  ☆16Jan 7, 2023Updated 3 years ago
• Kirtar22 / Litmus_Test

  View on GitHub
  Detecting ATT&CK techniques & tactics for Linux
  ☆257Oct 1, 2020Updated 5 years ago
• MarkBaggett / domain_stats2

  View on GitHub
  ☆14Feb 8, 2020Updated 6 years ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• iknowjason / GHOSTSPlayground

  View on GitHub
  A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.
  ☆20Jul 17, 2024Updated last year
• w8mej / IRKnowledge

  View on GitHub
  A curated list of tools for incident response
  ☆34Mar 2, 2024Updated 2 years ago
• TonyPhipps / Elasticstack

  View on GitHub
  FIles and guides related to using Elasticstack as a SIEM
  ☆12May 16, 2020Updated 5 years ago
• SamuelArnold / SANS-SEC505

  View on GitHub
  Some of the lab files for the SANS Institute course SEC505: Securing Windows and PowerShell Automation: https://sans.org/sec505
  ☆18Jun 8, 2017Updated 8 years ago
• Cyb3rWard0g / CyberWardogLab

  View on GitHub
  A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…
  ☆56Jan 24, 2018Updated 8 years ago
• AxtonGrams / terraform-provider-wiz

  View on GitHub
  Terraform provider for managing Wiz resources
  ☆29Dec 3, 2025Updated 5 months ago
• hajowieland / cdk-py-k8s-the-real-hard-way-aws

  View on GitHub
  Python CDK code for "Kubernetes The (real) Hard Way (AWS)"
  ☆17Jul 25, 2023Updated 2 years ago
• yasser-alghamdi / winterfell-hunt

  View on GitHub
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Jul 23, 2020Updated 5 years ago
• jjo-sec / malware

  View on GitHub
  Various Malware-Related Utilities
  ☆10Aug 4, 2016Updated 9 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• thirdeyeintelligence / IOCs-in-CSV-format

  View on GitHub
  The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research
  ☆12Jun 10, 2017Updated 8 years ago
• PSSecTools / WindowsEventForwarding

  View on GitHub
  A module for working with Windows Event Collector service and maintain Windows Event Forwarding subscriptions.
  ☆35Dec 14, 2025Updated 4 months ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆350Mar 19, 2021Updated 5 years ago
• rung / tutorial-gke-security

  View on GitHub
  The tutorial of "Kubernetes Security for Microservices"
  ☆14Oct 3, 2023Updated 2 years ago
• octodemo / advanced-security-terraform

  View on GitHub
  Vulnerable Terraform Projects - Fork of https://github.com/bridgecrewio/terragoat
  ☆17Apr 23, 2024Updated 2 years ago
• ksatirli / multi-cloud-kubernetes

  View on GitHub
  A multi-cloud setup of managed Kubernetes Clusters.
  ☆20Mar 8, 2024Updated 2 years ago