Alternatives and similar repositories for SentinelOne-Queries

Users that are interested in SentinelOne-Queries are comparing it to the libraries listed below

• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆135Updated 4 years ago
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆71Updated 11 months ago
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆94Updated 7 months ago
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆92Updated 5 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆130Updated last month
• SentineLabs / S1QL-Queries
  ☆67Updated 2 years ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆194Updated this week
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆159Updated 2 years ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆163Updated 2 months ago
• pe3zx / crowdstrike-falcon-queries
  A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon
  ☆214Updated 5 years ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆157Updated 3 weeks ago
• WillOram / AzureAD-incident-response
  Notes on responding to security breaches relating to Azure AD
  ☆120Updated 3 years ago
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆158Updated last year
• 0x706972686f / RMM-Catalogue
  ☆105Updated 7 months ago
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆275Updated 8 months ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆100Updated 3 years ago
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆119Updated 2 weeks ago
• OTRF / OSSEM-DM
  OSSEM Detection Model
  ☆184Updated 3 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆23Updated 3 years ago
• certeu / droid
  A pySigma wrapper to manage detection rules.
  ☆44Updated last week
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆11Updated last year
• Digital-Defense-Institute / triage.zip
  A preconfigured Velociraptor triage collector
  ☆73Updated last month
• PolarBearGod / CrowdStrike-RTR-Scripts
  ☆28Updated 4 years ago
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆118Updated 2 years ago
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆207Updated 3 years ago
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆123Updated last year
• target / Threat-Hunting
  Jupyter notebooks for threat hunting
  ☆60Updated 10 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆14Updated last year
• magicsword-io / LOLRMM
  LotL RMM
  ☆289Updated this week
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆156Updated last year