Alternatives and similar repositories for thor-lite

Users that are interested in thor-lite are comparing it to the libraries listed below

• The-DFIR-Report / Yara-Rules
  ☆68Updated 3 months ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 7 months ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆38Updated 2 years ago
• CrowdStrike / xwf-yara-scanner
  ☆87Updated last year
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆88Updated last year
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆116Updated last year
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆122Updated 4 months ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated 2 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 6 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆117Updated 4 months ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆114Updated last year
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆55Updated 5 years ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆82Updated last year
• vadim-hunter / Detection-Ideas-Rules
  Detection Ideas & Rules repository.
  ☆179Updated 3 years ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆85Updated 7 months ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆67Updated last year
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆44Updated 4 years ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆88Updated 2 years ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• NVISOsecurity / evtx-hunter
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆154Updated 3 years ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆122Updated last year
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆195Updated this week
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated last year
• weslambert / velociraptor-docker
  Docker image for Velocidex Velociraptor
  ☆128Updated 3 months ago
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆15Updated last year
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆79Updated last month
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆41Updated 4 months ago
• NextronSystems / nextron-helper-scripts
  Public tools, scripts or code snippets that can help when working with our products
  ☆46Updated last month
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 3 years ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆130Updated last week