Alternatives and similar repositories for securityonion-docs

Users that are interested in securityonion-docs are comparing it to the libraries listed below

• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 5 years ago
• sans-blue-team / sec530-wiki
  ☆54Updated 3 years ago
• michaelhidalgo / attack-to-elk
  This program exports MITRE ATT&CK framework in ELK dashboard
  ☆79Updated 2 years ago
• P4T12ICK / Sigma-Hunting-App
  A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
  ☆110Updated 5 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆121Updated 4 years ago
• HASecuritySolutions / Presentations
  ☆131Updated last year
• Security-Onion-Solutions / securityonion-soc
  ☆53Updated this week
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 4 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• mitre / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆58Updated 5 years ago
• center-for-threat-informed-defense / attack_to_veris
  🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …
  ☆71Updated last year
• TheHive-Project / Synapse
  Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
  ☆71Updated last year
• wazuh / wazuh-splunk
  Wazuh - Splunk App
  ☆55Updated 8 months ago
• josh-morin / qradar
  Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
  ☆82Updated 3 weeks ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 2 years ago
• TheHive-Project / awesome
  A curated list of awesome things related to TheHive & Cortex
  ☆180Updated 3 years ago
• sfakiana / SANS-CTI-Summit-2021
  Resources for SANS CTI Summit 2021 presentation
  ☆103Updated last year
• MalwareArchaeology / ARTHIR
  ATT&CK Remote Threat Hunting Incident Response
  ☆200Updated 5 months ago
• weslambert / securityonion-misp
  ☆35Updated 4 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆53Updated 2 years ago
• siriussecurity / mitre-attack-mapping
  Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.
  ☆58Updated 5 years ago
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆52Updated 8 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆116Updated last year
• ThreatHuntingProject / hunter
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆246Updated 3 years ago
• sans-blue-team / freq.py
  Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…
  ☆125Updated 2 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆55Updated 5 years ago
• splunk / SA-ctf_scoreboard
  ☆120Updated 3 years ago
• MarkBaggett / domain_stats
  ☆216Updated last year