Alternatives and similar repositories for CAST:

Users that are interested in CAST are comparing it to the libraries listed below

• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 4 years ago
• YossiSassi / Get-UserSession
  Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…
  ☆92Updated last month
• gmellini / Microsoft-Defender-Security-Center-Hunting-Queries
  Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…
  ☆39Updated 4 years ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆97Updated 2 years ago
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆70Updated 4 months ago
• p0w3rsh3ll / NetCease
  ☆62Updated 3 years ago
• humio / security_monitoring
  ☆41Updated 2 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 3 years ago
• fragtastic / cis-benchmark-converter
  Converts text dumps from CIS Benchmark PDFs to CSV & Excel formats.
  ☆60Updated 9 months ago
• hesaad / M365DPlaybooks
  M365 Defender SOC Playbooks
  ☆24Updated 2 years ago
• CrowdStrike / Falcon-Toolkit
  Unleash the power of the Falcon Platform at the CLI
  ☆117Updated this week
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• netwrix / PingCastleCloud
  Audit program for AzureAD
  ☆147Updated last year
• SophosRapidResponse / OSQuery
  ☆83Updated 2 months ago
• tobor88 / PowerShell-Blue-Team
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆83Updated last year
• rapid7 / insightvm-sql-queries
  InsightVM helpful SQL queries
  ☆64Updated 2 months ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 6 months ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 4 years ago
• soteria-security / ADInspect
  A PowerShell script that automates the security assessment of Microsoft Active Directory environments.
  ☆65Updated 2 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated last year
• malwarejake-public / conference-presentations
  Conference presentations
  ☆47Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Updated 3 years ago
• mikoiv / MicrosoftSentinel-ShodanMonitor
  Ingesting Shodan Monitor Alerts to Microsoft Sentinel
  ☆34Updated last year
• thinkst / canary-utils
  Collection of useful Canary tools
  ☆78Updated 3 weeks ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• GossiTheDog / scanning
  ☆162Updated last year
• rtkwlf / wolf-tools
  Tools and scripts by Arctic Wolf
  ☆67Updated last year
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆39Updated last month
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆134Updated 2 years ago
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆37Updated 3 years ago