w8mej/ThreatPlays external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

w8mej/ThreatPlays

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/w8mej/ThreatPlays)

Close

w8mej / ThreatPlaysView on GitHubMore

• External links
• Readme badge

Sharing Threat Hunting runbooks

☆25Jul 5, 2019Updated 6 years ago

Alternatives and similar repositories for ThreatPlays

Users that are interested in ThreatPlays are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• tobor88 / PowerShell-Blue-Team

  View on GitHub
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆88Oct 4, 2023Updated 2 years ago
• securycore / ThreatHunting

  View on GitHub
  Powershell collection designed to assist in Threat Hunting Windows systems.
  ☆27Apr 13, 2018Updated 7 years ago
• BlackPerl-DFIR / IR-Cheatsheets

  View on GitHub
  This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team
  ☆20Oct 9, 2024Updated last year
• InfamousSYN / bloodhound-queries

  View on GitHub
  custom bloodhound queries and knowledge base
  ☆12Apr 16, 2024Updated last year
• limbenjamin / LogServiceCrash

  View on GitHub
  POC code to crash Windows Event Logger Service
  ☆27Oct 16, 2020Updated 5 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• tiburon-security / sriracha-iq

  View on GitHub
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Apr 10, 2020Updated 5 years ago
• Securosis / The-CISOs-Guide-to-Cloud-Security

  View on GitHub
  ☆27Dec 6, 2013Updated 12 years ago
• sans-blue-team / sec555-wiki

  View on GitHub
  ☆77Jun 25, 2019Updated 6 years ago
• Securosis / BlackHatLabs

  View on GitHub
  ☆14Jun 28, 2017Updated 8 years ago
• bgraydon / lockview

  View on GitHub
  A small JS library to generate parametric SVG images of locks and keys, animate them and integrate onto web pages. Released as a support…
  ☆18Aug 10, 2022Updated 3 years ago
• Securosis / SecuritySquirrel

  View on GitHub
  ☆31Feb 24, 2014Updated 12 years ago
• sans-blue-team / blue-team-wiki

  View on GitHub
  Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries
  ☆460Feb 4, 2022Updated 4 years ago
• randomuserid / Baltar

  View on GitHub
  Searches for Insider Threat Hunting
  ☆29May 2, 2019Updated 6 years ago
• csirtgadgets / verbose-robot

  View on GitHub
  The Fastest way to consume Threat Intel
  ☆26Apr 30, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• TTP0 / info

  View on GitHub
  Public Landing Page
  ☆16Jan 7, 2023Updated 3 years ago
• Kirtar22 / Litmus_Test

  View on GitHub
  Detecting ATT&CK techniques & tactics for Linux
  ☆257Oct 1, 2020Updated 5 years ago
• MarkBaggett / domain_stats2

  View on GitHub
  ☆14Feb 8, 2020Updated 6 years ago
• iknowjason / GHOSTSPlayground

  View on GitHub
  A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.
  ☆20Jul 17, 2024Updated last year
• w8mej / IRKnowledge

  View on GitHub
  A curated list of tools for incident response
  ☆34Mar 2, 2024Updated 2 years ago
• tropChaud / Cyber-Adversary-Heatmaps

  View on GitHub
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆36Aug 12, 2022Updated 3 years ago
• TonyPhipps / Elasticstack

  View on GitHub
  FIles and guides related to using Elasticstack as a SIEM
  ☆12May 16, 2020Updated 5 years ago
• Cyb3rWard0g / CyberWardogLab

  View on GitHub
  A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…
  ☆56Jan 24, 2018Updated 8 years ago
• AxtonGrams / terraform-provider-wiz

  View on GitHub
  Terraform provider for managing Wiz resources
  ☆30Dec 3, 2025Updated 3 months ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• issue2report / issue2report

  View on GitHub
  Generate pentest reports based on github issues.
  ☆15Dec 8, 2022Updated 3 years ago
• hajowieland / cdk-py-k8s-the-real-hard-way-aws

  View on GitHub
  Python CDK code for "Kubernetes The (real) Hard Way (AWS)"
  ☆17Jul 25, 2023Updated 2 years ago
• yasser-alghamdi / winterfell-hunt

  View on GitHub
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Jul 23, 2020Updated 5 years ago
• thirdeyeintelligence / IOCs-in-CSV-format

  View on GitHub
  The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research
  ☆12Jun 10, 2017Updated 8 years ago
• PSSecTools / WindowsEventForwarding

  View on GitHub
  A module for working with Windows Event Collector service and maintain Windows Event Forwarding subscriptions.
  ☆35Dec 14, 2025Updated 3 months ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆349Mar 19, 2021Updated 5 years ago
• octodemo / advanced-security-terraform

  View on GitHub
  Vulnerable Terraform Projects - Fork of https://github.com/bridgecrewio/terragoat
  ☆17Apr 23, 2024Updated last year
• bobby-tablez / Windows-Sandbox-Flare-VM

  View on GitHub
  This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis.
  ☆11Jan 3, 2025Updated last year
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ReconInfoSec / adversary-emulation-map

  View on GitHub
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Sep 4, 2021Updated 4 years ago
• teamdfir / sift-packer-legacy

  View on GitHub
  Packer.io Scripts to build the SIFT VM(s)
  ☆10Aug 29, 2020Updated 5 years ago
• mandiant / pulsesecure_exploitation_countermeasures

  View on GitHub
  ☆23Jun 1, 2023Updated 2 years ago
• nttcom / metemcyber

  View on GitHub
  Decentralized Cyber Threat Intelligence Kaizen Framework
  ☆27Jan 31, 2022Updated 4 years ago
• annamcabee / Mitre-Attack-API

  View on GitHub
  Python module to interact with the MITRE attack framework via the MITRE API
  ☆89Nov 14, 2017Updated 8 years ago
• shutterstock / armrest

  View on GitHub
  A high-level HTTP / REST client for Node
  ☆29Oct 2, 2020Updated 5 years ago
• 0xph03n1x / eCTHPv2

  View on GitHub
  Collection of scripts and tools related to the eCTHPv2 exam by INE.
  ☆19Jun 12, 2022Updated 3 years ago