Alternatives and similar repositories for thor-lite:

Users that are interested in thor-lite are comparing it to the libraries listed below

• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 5 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆98Updated 2 months ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆114Updated last year
• The-DFIR-Report / Yara-Rules
  ☆68Updated 2 months ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 4 months ago
• AndrewRathbun / Awesome-KAPE
  A curated list of KAPE-related resources
  ☆166Updated this week
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆97Updated 10 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆116Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆87Updated last year
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆81Updated 11 months ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆120Updated last year
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆84Updated 5 months ago
• docintelapp / DocIntel
  Open Source Platform for storing, organizing, and searching documents related to cyber threats
  ☆165Updated last year
• abusech / ThreatFox
  Open IOC sharing platform
  ☆56Updated 5 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆155Updated last month
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated 11 months ago
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆87Updated last year
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆106Updated last year
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• dfir-scripts / siftgrab
  ☆68Updated 4 months ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆70Updated last year
• NVISOsecurity / evtx-hunter
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆152Updated 3 years ago
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 2 years ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated last year
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆30Updated 2 weeks ago
• BinaryDefense / ThreatHuntingJupyterNotebooks
  ☆58Updated 2 years ago
• LetMeR00t / TA-thehive-cortex
  Technical add-on for Splunk related to TheHive/Cortex from TheHive project
  ☆53Updated 2 weeks ago
• intel471 / CU-GIR
  Cyber Underground General Intelligence Requirements
  ☆92Updated last year
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆90Updated 2 months ago