Alternatives and similar repositories for detectree:

Users that are interested in detectree are comparing it to the libraries listed below

• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆81Updated 3 months ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆200Updated 2 years ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆118Updated 10 months ago
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆137Updated 6 months ago
• NVISOsecurity / evtx-hunter
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆150Updated 3 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆155Updated 2 years ago
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆108Updated last year
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆260Updated last year
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆193Updated 3 months ago
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆147Updated last year
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆118Updated 2 weeks ago
• CronUp / Malware-IOCs
  ☆96Updated last month
• PayloadSecurity / Sandbox_Scryer
  ☆225Updated 2 years ago
• ControlCompass / ControlCompass.github.io
  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
  ☆131Updated 11 months ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆149Updated 8 months ago
• malienist / lupo
  Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
  ☆104Updated 2 years ago
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆145Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆152Updated last year
• center-for-threat-informed-defense / caldera_pathfinder
  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…
  ☆125Updated 9 months ago
• CrowdStrike / xwf-yara-scanner
  ☆86Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆86Updated last year
• weslambert / velociraptor-docker
  Docker image for Velocidex Velociraptor
  ☆118Updated 7 months ago
• MazX0p / ThreatHound
  ☆156Updated last year
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆108Updated last month
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆130Updated 3 years ago
• StrangerealIntel / Orion
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆138Updated last year
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆121Updated 6 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆97Updated this week