SentinelOne STAR Rules
☆73 · Feb 11, 2025 · Updated last year
Alternatives and similar repositories for Sentinel-One-STAR-Rules-Threat-Hunts
Users that are interested in Sentinel-One-STAR-Rules-Threat-Hunts are comparing it to the libraries listed below
- Repository of SentinelOne Deep Visibility queries. ☆136 · Jun 30, 2021 · Updated 4 years ago
- Beginners Guide to Hunting for Threats ☆18 · Apr 26, 2025 · Updated 10 months ago
- ☆69 · Jun 20, 2023 · Updated 2 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility ☆92 · Jan 11, 2021 · Updated 5 years ago
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard S… ☆19 · Sep 5, 2022 · Updated 3 years ago
- PowerShell module for SentinelOne API ☆69 · Jun 26, 2023 · Updated 2 years ago
- Ansible Collection ☆12 · Apr 22, 2025 · Updated 10 months ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto… ☆10 · Mar 2, 2021 · Updated 5 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper. ☆118 · Nov 28, 2023 · Updated 2 years ago
- A tool to automate memory dump processing using Volatility, including optional Splunk integration. ☆12 · Jul 29, 2020 · Updated 5 years ago
- Sigma to Wazuh rule converter ☆18 · Sep 28, 2025 · Updated 5 months ago
- PowerShell Script for AD Security Assessment ☆17 · Jul 18, 2023 · Updated 2 years ago
- Extract forensic interesting information from Chrome, Firefox, Safari browsers ... ☆27 · May 11, 2019 · Updated 6 years ago
- ☆12 · Jul 15, 2022 · Updated 3 years ago
- Threat Detection System using a Hybrid (Machine Learning + Lexical Analysis) learning approach. ☆11 · May 30, 2017 · Updated 8 years ago
- Cyber Threats Detection Rules ☆14 · Sep 16, 2025 · Updated 5 months ago
- A tool for studying JavaScript malware. ☆15 · Updated this week
- ☆23 · Feb 8, 2026 · Updated 3 weeks ago
- ☆33 · Oct 25, 2021 · Updated 4 years ago
- Our collection of Wazuh detection rules for our Offense Lab ☆18 · Feb 13, 2022 · Updated 4 years ago
- Super light, super fast, unlimited search idea ☆25 · Aug 3, 2025 · Updated 7 months ago
- VTC - Velociraptor Timeline Creator ☆19 · May 15, 2024 · Updated last year
- Collection of Cyber Threat Intelligence sources from the deep and dark web ☆17 · Dec 15, 2025 · Updated 2 months ago
- Signature engine for all your logs ☆172 · Nov 13, 2023 · Updated 2 years ago
- All the useful tools interesting to be used ☆24 · Sep 20, 2022 · Updated 3 years ago
- Web based S1 query navigator for one-click threat hunting ☆25 · Dec 18, 2020 · Updated 5 years ago
- A generic security incident response playbook investigating and responding to potential compromises of Okta's internal systems, in the co… ☆20 · Mar 24, 2022 · Updated 3 years ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆58 · Mar 2, 2025 · Updated last year
- ☆96 · May 5, 2025 · Updated 9 months ago
- Automatically update IoC for lucky visitor scam ☆26 · Apr 9, 2025 · Updated 10 months ago
- Azure AD Incident Response ☆27 · Oct 8, 2021 · Updated 4 years ago
- A curated list of resources to deep dive into the intersection of applied machine learning and threat detection. ☆19 · Sep 23, 2020 · Updated 5 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆102 · Jul 10, 2025 · Updated 7 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆785 · Feb 22, 2026 · Updated last week
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text ☆59 · Oct 5, 2025 · Updated 4 months ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR. ☆24 · Jan 8, 2024 · Updated 2 years ago
- AI-Powered, Local Pythonic Coding Agent 🐞💻 ☆24 · Mar 3, 2025 · Updated last year
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. ☆29 · Apr 10, 2024 · Updated last year
- Repo of python/bash scripts for identifying IoCs in threat feeds and other online tools ☆26 · Jul 27, 2020 · Updated 5 years ago