Alternatives and similar repositories for detection:

Users that are interested in detection are comparing it to the libraries listed below

• dfir-ronin / APT-OpenIOC-Detection-Rules
  This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…
  ☆24Updated last year
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated 2 years ago
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 3 years ago
• ruppde / yara_rules
  Yara rules
  ☆21Updated 2 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆22Updated 3 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated last year
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 2 years ago
• edelucia / rules
  Cyber Threats Detection Rules
  ☆14Updated 4 months ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆34Updated 3 years ago
• jeFF0Falltrades / YARA-Signatures
  A collection of my public YARA signatures for various malware families
  ☆29Updated 7 months ago
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆37Updated 6 months ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated 6 months ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• zeflow / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆13Updated 3 years ago
• MISP / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆27Updated last week
• cudeso / misp-scraper
  A web scraper to create MISP events and reports
  ☆14Updated 3 weeks ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 10 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 5 years ago
• priamai / sigmatau
  An extension of the sigma standard to include security metrics.
  ☆15Updated last year
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆30Updated 2 weeks ago
• elastic / sans-dfir-2022
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Updated 3 months ago
• DissectMalware / MDIExtractor
  ☆15Updated 3 years ago
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆21Updated 2 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆34Updated 2 weeks ago