Alternatives and similar repositories for SIEM-Cheat-Sheet:

Users that are interested in SIEM-Cheat-Sheet are comparing it to the libraries listed below

• LetsDefend / Phishing-Email-Analysis
  Useful resources about phishing email analysis
  ☆81Updated 2 months ago
• abdulshareef / DFIR-Resources
  Some important DFIR Resources
  ☆83Updated 2 years ago
• SoulSec / resource-threat-hunting
  Repository resource for threat hunter
  ☆158Updated 6 years ago
• BankSecurity / Threat_Hunting
  Some Threat Hunting queries useful for blue teamers
  ☆125Updated 2 years ago
• dahvidschloss / CRASH
  Completely Risky Active-Directory Simulation Hub
  ☆99Updated last year
• MalTrakLab / purple-team-cloud-lab
  Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them
  ☆28Updated last year
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 7 months ago
• LetsDefend / incident-response-playbooks
  ☆173Updated last year
• adanalvarez / AWS-malware-lab
  Creation of a laboratory for malware analysis in AWS
  ☆95Updated 2 years ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆121Updated last year
• saidhfm / Cloud-Threat-Detection-Lab-AWS
  ☆32Updated 5 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆154Updated last week
• archanchoudhury / DFIR-Tools
  This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR
  ☆77Updated 3 years ago
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆81Updated 5 months ago
• MISP / misp-playbooks
  MISP Playbooks
  ☆194Updated 2 months ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆61Updated 8 months ago
• deFr0ggy / NightOwl
  An offline Phishing Email Analyzer. Enabling non-techies to analyze phishing emails automatically!
  ☆61Updated last year
• isherwood-sec / detection-engineering
  ☆47Updated last month
• The-DFIR-Report / DFIR-Artifacts
  Repository for sharing examples of our artifacts data and for use in new analyst recruitment.
  ☆90Updated this week
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆83Updated last year
• maddev-engenuity / AdversaryEmulation
  MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository
  ☆113Updated last year
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆184Updated 3 months ago
• dfircheatsheet / dfircheatsheet.github.io
  ☆65Updated 2 years ago
• 0xHasanM / LogonSessionAuditor
  This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec…
  ☆32Updated last month
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated last year
• op7ic / BlueTeam.Lab
  Blue Team detection lab created with Terraform and Ansible in Azure.
  ☆153Updated 4 months ago
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆120Updated last year
• RanjitPatil / Static-Dynamic-Malware-Analysis
  ☆13Updated 2 years ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 11 months ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated 10 months ago