Alternatives and similar repositories for buildkit:

Users that are interested in buildkit are comparing it to the libraries listed below

• giMini / NOAH
  PowerShell No Agent Hunting
  ☆110Updated 6 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 7 years ago
• aboutsecurity / rastrea2r
  Collecting & Hunting for IOCs with gusto and style
  ☆116Updated 6 years ago
• Pwdrkeg / honeyport
  A powershell script for creating a Windows honeyport.
  ☆87Updated 9 years ago
• SMAPPER / NXLog-AutoConfig
  ☆48Updated 4 years ago
• et0x / Incident-Response
  ☆36Updated 8 years ago
• LogRhythm-Labs / PIE
  The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365
  ☆180Updated 4 years ago
• Ben0xA / PowerShellDefense
  Some PowerShell Defensive Scripts
  ☆127Updated 8 years ago
• daveherrald / botsv1
  Splunk Boss of the SOC v1 data set.
  ☆111Updated 6 years ago
• CrowdStrike / falcon-orchestrator
  CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities
  ☆186Updated last year
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 5 years ago
• sans-blue-team / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆42Updated 8 years ago
• Invoke-IR / ACE
  Automated, Collection, and Enrichment Platform
  ☆324Updated 5 years ago
• xme / dockers
  Miscelaneous Dockers
  ☆46Updated 3 years ago
• Infocyte / PSHunt
  Powershell Threat Hunting Module
  ☆283Updated 8 years ago
• unfetter-discover / unfetter-analytic
  Main Build directory
  ☆179Updated 5 years ago
• bromiley / olaf
  Office365 Log Analysis Framework
  ☆82Updated 5 years ago
• redcanaryco / redcanary-response-utils
  Tools to automate and/or expedite response.
  ☆113Updated 8 months ago
• BinaryDefense / goatrider
  GoatRider is a simple tool that will dynamically pull down Artillery Threat Intelligence Feeds, TOR, AlienVaults OTX, and the Alexa top 1…
  ☆138Updated 6 years ago
• JohnLaTwC / PyPowerShellXray
  Python script to decode common encoded PowerShell scripts
  ☆216Updated 6 years ago
• nsacyber / Pass-the-Hash-Guidance
  Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber
  ☆198Updated 8 years ago
• Cyb3rPandaH / Tableau-ATTCK
  Understanding ATT&CK Matrix for Enterprise
  ☆80Updated 6 years ago
• MinervaLabsResearch / Mystique
  Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…
  ☆82Updated 7 years ago
• sans-blue-team / freq.py
  Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…
  ☆125Updated 2 years ago
• rkovar / splunk-hunting-helpers
  ☆55Updated 3 years ago
• daverstephens / The-SOC-Shop
  Repository of scripts/tools that may be useful in Security Operations Centres (SOC)
  ☆54Updated 4 years ago
• dstaulcu / TA-Sigma-Searches
  A Splunk app with saved reports derived from Sigma rules
  ☆73Updated 6 years ago
• oneoffdallas / check_ioc
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆77Updated 7 years ago
• SparkITSolutions / phoenix
  Cuckoo Sandbox is an automated dynamic malware analysis system
  ☆107Updated 4 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆90Updated 7 years ago