Alternatives and similar repositories for SANS-SEC505:

Users that are interested in SANS-SEC505 are comparing it to the libraries listed below

• BeanBagKing / BaselineLogging
  Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/
  ☆15Updated this week
• p0w3rsh3ll / SEC505
  ☆49Updated 4 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 3 months ago
• SentineLabs / S1QL-Queries
  ☆54Updated last year
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆82Updated 5 months ago
• humio / security_monitoring
  ☆41Updated last year
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆82Updated last week
• zaneGittins / Huntress
  PowerShell tool to triage systems
  ☆12Updated last year
• secure-cake / rapid-endpoint-investigations
  Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE
  ☆109Updated 2 weeks ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆95Updated 2 months ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆78Updated 2 years ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆47Updated last year
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆45Updated 4 months ago
• MarkBaggett / 504lab
  Distribution of the SANS SEC504 Windows Cheat Sheet Lab
  ☆67Updated 4 years ago
• tobor88 / PowerShell-Blue-Team
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆83Updated last year
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆50Updated last year
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• blackhillsinfosec / audit-inspector
  Audit Inspector is a tool for configuring and auditing Windows auditing.
  ☆32Updated 4 months ago
• mdecrevoisier / Windows-auditing-baseline
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆50Updated 2 weeks ago
• target / Threat-Hunting
  Detection of obfuscated Powershell commands
  ☆54Updated last year
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆73Updated 2 years ago
• EricZimmerman / KapeDocs
  Documentation repository
  ☆44Updated 5 months ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆124Updated this week
• ReconInfoSec / velociraptor-to-timesketch
  ☆4Updated 3 months ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆21Updated 3 years ago
• lasersharkkiller / Threat-Hunter
  Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…
  ☆16Updated last year
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆82Updated last year
• EricZimmerman / Srum
  ☆39Updated 2 weeks ago
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆49Updated 2 years ago