Alternatives and similar repositories for Power-Forensics:

Users that are interested in Power-Forensics are comparing it to the libraries listed below

• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 4 months ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆82Updated 2 months ago
• EC-DIGIT-CSIRC / OpenTIDE
  Open Threat-Informed Detection Engineering
  ☆28Updated last week
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆51Updated last month
• CTI-Driven / Advanced-Threat-Hunting-Ransomware-Groups-Affiliates
  Advanced Threat Hunting: Ransomware Group
  ☆18Updated last month
• CrowdStrike / xwf-yara-scanner
  ☆85Updated 11 months ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 4 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆41Updated 4 years ago
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆43Updated 8 months ago
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆44Updated 3 months ago
• splunk / PEAK
  Security Content for the PEAK Threat Hunting Framework
  ☆24Updated 11 months ago
• svch0stz / velociraptor-detections
  ☆20Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆31Updated 2 years ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆50Updated last year
• ReconInfoSec / velociraptor-to-timesketch
  ☆4Updated 2 months ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆86Updated last year
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆36Updated last year
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆27Updated 2 years ago
• Intellisec-Solutions / Microsoft-Sentinel-SIGMA-Rules-Workbook
  ☆10Updated 2 years ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆59Updated 8 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆94Updated last month
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆73Updated last year
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆15Updated last year
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆124Updated this week
• WillOram / AzureAD-incident-response
  Notes on responding to security breaches relating to Azure AD
  ☆97Updated 2 years ago
• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆24Updated 3 years ago