Alternatives and similar repositories for SANS-BlueTeamSummit-2022

Users that are interested in SANS-BlueTeamSummit-2022 are comparing it to the libraries listed below

• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆46Updated 5 years ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆56Updated 2 years ago
• DefensiveOrigins / DO-LAB
  ☆49Updated this week
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆25Updated last year
• bengoerz / PurpleTeamDocs
  ☆29Updated 5 years ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆91Updated last year
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 3 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• BinaryDefense / ThreatHuntingJupyterNotebooks
  ☆63Updated 3 years ago
• Mostafayahia-hunter / Virustotal-python-API-Domains-IPs-and-URLs-
  ☆21Updated 4 years ago
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆39Updated last year
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆89Updated 2 years ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆69Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Updated 3 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated 2 years ago
• splunk / PEAK
  Security Content for the PEAK Threat Hunting Framework
  ☆39Updated last year
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated 2 years ago
• mlgualtieri / PurpleTeamSummit
  ☆28Updated 4 years ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆33Updated 3 years ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆77Updated 4 years ago
• joeavanzato / velociraptor-timeline-creator
  VTC - Velociraptor Timeline Creator
  ☆19Updated last year
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆38Updated 2 years ago
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆28Updated last month
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆17Updated 2 years ago
• curated-intel / MOVEit-Transfer
  A repository for tracking events related to the MOVEit Transfer Cl0p Campaign
  ☆71Updated 2 years ago
• elastic / sans-dfir-2022
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Updated 10 months ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆13Updated 3 years ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated 2 years ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆73Updated last year
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆53Updated 2 years ago