Alternatives and similar repositories for ProjectBrightSun

Users that are interested in ProjectBrightSun are comparing it to the libraries listed below

• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆79Updated this week
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆145Updated 3 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆51Updated last year
• clausing / scripts
  ☆78Updated 3 weeks ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆114Updated 3 years ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Updated 5 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 6 years ago
• DFIRmadness / infosec-fortress
  A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…
  ☆56Updated 4 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆93Updated last year
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 6 years ago
• kanecain1981 / SANS_Index_Helper_Tool
  Python command line tool used for generating GIAC Certification indexes.
  ☆29Updated 2 years ago
• thinkst / canary-utils
  Collection of useful Canary tools
  ☆93Updated last week
• capesstack / capes-docker
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆14Updated 4 years ago
• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆52Updated 3 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated 2 months ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆117Updated 2 years ago
• corelight / Elasticsearch_rules
  Elastic version of SOC prime watcher rules
  ☆30Updated last year
• sans-blue-team / sec530-wiki
  ☆56Updated 4 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated last month
• tenable / atomic-red-team
  Small and highly portable detection tests based on MITRE's ATT&CK.
  ☆10Updated 11 months ago
• center-for-threat-informed-defense / caldera_pathfinder
  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…
  ☆128Updated 10 months ago
• bengoerz / PurpleTeamDocs
  ☆29Updated 5 years ago
• DefensiveOrigins / DO-LAB
  ☆50Updated last week
• palantir / phishcatch
  A browser extension and API server for detecting corporate password use on external websites
  ☆96Updated 4 months ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆134Updated 4 years ago
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆63Updated 8 months ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 10 months ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Updated 3 years ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆23Updated last year