Alternatives and similar repositories for logcraft-cli:

Users that are interested in logcraft-cli are comparing it to the libraries listed below

• keyboardcrunch / SentinelOne-Query-Navigator
  Web based S1 query navigator for one-click threat hunting
  ☆19Updated 4 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆21Updated 3 years ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆53Updated last year
• alexverboon / DefenderResourceHub
  Defender Resource Hub
  ☆22Updated last month
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆41Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 4 years ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆38Updated last month
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆81Updated 3 weeks ago
• WillOram / cyber-incident-management
  Notes on managing and coordinating the response to major cyber incidents
  ☆41Updated 4 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆20Updated 5 years ago
• stahler / QRadar
  Using QRadar API
  ☆20Updated 7 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 6 months ago
• msraju / Incident-Response-Playbooks
  ☆42Updated 2 years ago
• Intellisec-Solutions / Sentinel2D3FEND
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆71Updated 3 years ago
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆38Updated 2 months ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆46Updated last month
• SecurityBagel / MITRE_ATTACK_PowerBI_
  MITRE ATT&CK Based App in Power BI
  ☆13Updated last year
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆60Updated 2 months ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• nobody-cares / Incident-Response-Plan
  Incident Response Plan for all major incidents including cheatsheets for both linux and windows
  ☆14Updated 4 years ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆63Updated last year
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆11Updated 5 months ago
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆32Updated 3 months ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆55Updated 3 years ago
• threat-hunting / awesome-threat-detection
  A curated list of awesome threat detection and hunting resources
  ☆16Updated 6 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 4 months ago