Alternatives and similar repositories for Power-Forensics:

Users that are interested in Power-Forensics are comparing it to the libraries listed below

• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago
• CrowdStrike / xwf-yara-scanner
  ☆86Updated last year
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆60Updated 9 months ago
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆15Updated last year
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆27Updated 2 years ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• svch0stz / velociraptor-detections
  ☆20Updated 2 years ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 5 months ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 5 months ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆53Updated 2 weeks ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆51Updated last year
• MHaggis / notes
  Full of public notes and Utilities
  ☆97Updated this week
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆86Updated last year
• TazWake / Public
  Collection of scripts provided for public use
  ☆34Updated 3 months ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆76Updated last year
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆82Updated last week
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Updated 3 years ago
• EC-DIGIT-CSIRC / OpenTIDE
  Open Threat-Informed Detection Engineering
  ☆37Updated last month
• eSentire / iocs
  ☆28Updated this week
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆43Updated 9 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆5Updated 3 months ago
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆49Updated 2 years ago
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆45Updated 4 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆37Updated last year
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆23Updated 5 months ago
• AtomicGaryBusey / AzureForensics
  ☆30Updated 3 years ago
• Intellisec-Solutions / Microsoft-Sentinel-SIGMA-Rules-Workbook
  ☆10Updated 2 years ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆55Updated last week