Alternatives and similar repositories for mpsiemlib

Users that are interested in mpsiemlib are comparing it to the libraries listed below

• feedb / MPSiem_addons
  реп полезностей для PT MaxPatrol SIEM
  ☆24Updated last year
• Security-Experts-Community / ERMACK
  Enterprise Response Model & Common Knowledge
  ☆37Updated last month
• Security-Experts-Community / siem-monkey
  Chrome extension for SOC automations
  ☆35Updated 3 weeks ago
• StevenD33 / Lab-DFIR-SOC
  ☆68Updated 4 years ago
• giorgioditizio / APTs-database
  A repository with data about APTs
  ☆13Updated 2 years ago
• k-sec-tools / ExchangeFilter
  ☆20Updated 3 years ago
• rstcloud / rstthreats
  Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked …
  ☆34Updated 11 months ago
• bi-zone / triage
  A free data collection and YARA scanning tool for cybersecurity incident investigation, compromise assessment and threat hunting
  ☆17Updated 9 months ago
• theflakes / Linux_Forensic_Harvester
  Harvest Linux forensic data for operational triage of an event.
  ☆51Updated last year
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆88Updated 9 months ago
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆149Updated 2 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆16Updated 5 years ago
• dcarlin / Blue-Team-Tools
  This contains a list of Blue Team Tools that I use daily, and have stored here for reference.
  ☆34Updated 7 years ago
• Prelude-SIEM / Prelude-SIEM
  The official Prelude SIEM GitHub of https://www.prelude-siem.org
  ☆31Updated 9 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆104Updated last year
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 4 years ago
• The-DFIR-Report / Yara-Rules
  ☆69Updated 5 months ago
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆98Updated last year
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆134Updated last year
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆25Updated 11 months ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 5 years ago
• bi-zone / Log4j_Detector
  Detection of Log4j in memory
  ☆40Updated 3 years ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆98Updated last month
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆78Updated 4 years ago
• mitre / training
  A CALDERA plugin
  ☆26Updated last year
• nturley3 / zeek-kerberos-haters-guide
  Kerberos Haters Guide to Zeek Threat Hunting
  ☆30Updated 3 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆81Updated 5 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆56Updated 5 months ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆155Updated last year