Alternatives and similar repositories for suzaku

Users that are interested in suzaku are comparing it to the libraries listed below

• mnrkbys / fjta
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆75Updated last week
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆168Updated 5 months ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆114Updated 2 months ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆173Updated this week
• AttackIQ / DetectIQ
  ☆105Updated last month
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆111Updated this week
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆89Updated last week
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆165Updated 8 months ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆171Updated last month
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆74Updated last year
• Digital-Defense-Institute / triage.zip
  A preconfigured Velociraptor triage collector
  ☆52Updated last week
• korniko98 / pivot-atlas
  ☆92Updated last month
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆96Updated 7 months ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆104Updated 3 weeks ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆124Updated last year
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated 10 months ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆130Updated 2 weeks ago
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆51Updated 8 months ago
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆151Updated 9 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated this week
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆113Updated 9 months ago
• okta / customer-detections
  ☆132Updated last month
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆77Updated 2 weeks ago
• MHaggis / ClickGrab
  Finding ClickFix and FakeCAPTCHA like it's 1999
  ☆40Updated this week
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆155Updated 2 months ago
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆112Updated 7 months ago
• mthcht / ThreatIntel-Reports
  Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
  ☆121Updated this week
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆160Updated 9 months ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 9 months ago
• The-DFIR-Report / DFIR-Artifacts
  Repository for sharing examples of our artifacts data and for use in new analyst recruitment.
  ☆101Updated 2 months ago