Alternatives and similar repositories for community

Users that are interested in community are comparing it to the libraries listed below

• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆122Updated 4 years ago
• cisagov / ioc-scanner
  Search a filesystem for indicators of compromise (IoC).
  ☆74Updated last month
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 4 years ago
• Intellisec-Solutions / Sentinel2D3FEND
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆72Updated 4 years ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆55Updated last year
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 8 months ago
• SophosRapidResponse / OSQuery
  ☆85Updated 4 months ago
• Bert-JanP / SecScripts
  Security Scripts and Sources for daily usage.
  ☆64Updated last month
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆264Updated 3 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• CrowdStrike / Falcon-Toolkit
  Unleash the power of the Falcon Platform at the CLI
  ☆121Updated last week
• cutaway-security / sawh
  Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ…
  ☆53Updated 3 years ago
• tobor88 / PowerShell-Blue-Team
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆84Updated last year
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆91Updated 4 years ago
• keyboardcrunch / SentinelOne-Query-Navigator
  Web based S1 query navigator for one-click threat hunting
  ☆21Updated 4 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆47Updated last month
• jangeisbauer / AdvancedHunting
  Advanced Hunting Queries for Microsoft Security Products
  ☆107Updated 2 years ago
• TheHive-Project / Zerofox2TH
  Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆38Updated 5 years ago
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆127Updated 4 years ago
• activecm / threat-tools
  Tools for simulating threats
  ☆188Updated last year
• ashwin-patil / blue-teaming-with-kql
  Repository with Sample KQL Query examples for Threat Hunting
  ☆215Updated 2 years ago
• lawndoc / AdvancedHuntingQueries
  Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
  ☆125Updated 3 weeks ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• redcanaryco / surveyor
  A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
  ☆219Updated 3 months ago
• rootsecdev / Microsoft-Blue-Forest
  Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers
  ☆264Updated 9 months ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆47Updated last year
• microsoft / AzDetectSuite
  A collection of ARM-based detections for Azure/AzureAD based TTPs
  ☆88Updated last year
• ANSSI-FR / DFIR-O365RC
  PowerShell module for Office 365 and Azure log collection
  ☆268Updated 4 months ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆38Updated 2 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆57Updated 3 years ago