SentinelOne STAR Rules
☆75Feb 11, 2025Updated last year
Alternatives and similar repositories for Sentinel-One-STAR-Rules-Threat-Hunts
Users that are interested in Sentinel-One-STAR-Rules-Threat-Hunts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…☆33Oct 15, 2024Updated last year
- Beginners Guide to Hunting for Threats☆18Apr 26, 2025Updated 10 months ago
- Repository of SentinelOne Deep Visibility queries.☆136Jun 30, 2021Updated 4 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆94Jan 11, 2021Updated 5 years ago
- ☆71Jun 20, 2023Updated 2 years ago
- PowerShell module for SentinelOne API☆70Jun 26, 2023Updated 2 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- Super light, super fast, unlimited search idea☆25Aug 3, 2025Updated 7 months ago
- A tool for studying JavaScript malware.☆15Updated this week
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard S…☆19Sep 5, 2022Updated 3 years ago
- Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…☆30May 5, 2025Updated 10 months ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆11Mar 2, 2021Updated 5 years ago
- A tool to automate memory dump processing using Volatility, including optional Splunk integration.☆11Jul 29, 2020Updated 5 years ago
- Web based S1 query navigator for one-click threat hunting☆26Dec 18, 2020Updated 5 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- ☆33Oct 25, 2021Updated 4 years ago
- Signature engine for all your logs☆173Nov 13, 2023Updated 2 years ago
- PowerShell Script for AD Security Assessment☆17Jul 18, 2023Updated 2 years ago
- Collection of Cyber Threat Intelligence sources from the deep and dark web☆17Dec 15, 2025Updated 3 months ago
- ☆23Feb 8, 2026Updated last month
- This is a repository for reporting any issues in any of my software☆13May 15, 2018Updated 7 years ago
- ☆17Jan 21, 2026Updated 2 months ago
- ☆12Jul 15, 2022Updated 3 years ago
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp…☆309Feb 26, 2026Updated 3 weeks ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 6 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- ☆11Jun 12, 2023Updated 2 years ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆62Updated this week
- Extract forensic interesting information from Chrome, Firefox, Safari browsers ...☆27May 11, 2019Updated 6 years ago
- Cyber Threat Intelligence☆78Dec 7, 2025Updated 3 months ago
- All the useful tools interesting to be used☆24Sep 20, 2022Updated 3 years ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆648Aug 4, 2025Updated 7 months ago
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 3 years ago
- Personal settings for X-Ways Forensics☆32Apr 28, 2022Updated 3 years ago
- ☆15Dec 22, 2021Updated 4 years ago
- PowerShell wrapper for the SentinelOne API☆10Jan 4, 2025Updated last year
- ☆17Nov 13, 2024Updated last year
- Windows Scripts☆12Apr 2, 2020Updated 5 years ago