Alternatives and similar repositories for logcraft-cli:

Users that are interested in logcraft-cli are comparing it to the libraries listed below

• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆20Updated 3 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆44Updated last week
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• keyboardcrunch / SentinelOne-Query-Navigator
  Web based S1 query navigator for one-click threat hunting
  ☆18Updated 4 years ago
• counteractive / incident-response-collector
  ☆16Updated 4 years ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆52Updated last year
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆20Updated 5 years ago
• WillOram / cyber-incident-management
  Notes on managing and coordinating the response to major cyber incidents
  ☆40Updated 4 years ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆39Updated 4 years ago
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆65Updated 4 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆39Updated 10 months ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 5 months ago
• Intellisec-Solutions / Sentinel2D3FEND
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆71Updated 3 years ago
• alexverboon / DefenderResourceHub
  Defender Resource Hub
  ☆15Updated 2 weeks ago
• stahler / QRadar
  Using QRadar API
  ☆20Updated 7 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆54Updated 3 years ago
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆36Updated this week
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆81Updated last week
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆51Updated 2 years ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆11Updated 4 months ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆89Updated 4 years ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆16Updated 2 months ago
• Starke427 / Windows-Security-Policy
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆13Updated 4 years ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆40Updated 4 years ago
• Velocidex / eql2vql
  Transform EQL detection rules to VQL artifacts
  ☆11Updated 3 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• mdecrevoisier / Windows-auditing-baseline
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆52Updated 2 months ago
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆39Updated 2 years ago