Alternatives and similar repositories for atc-data

Users that are interested in atc-data are comparing it to the libraries listed below

• gmellini / Microsoft-Defender-Security-Center-Hunting-Queries
  Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…
  ☆39Updated 4 years ago
• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 4 years ago
• socprime / socprime_sigma
  List of sigma for a variety of threats for multiple log sources.
  ☆12Updated 6 years ago
• opencybersecurityalliance / kestrel-huntbook
  This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
  ☆33Updated last year
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆44Updated 4 years ago
• NVISOsecurity / nviso-cti
  ☆42Updated last year
• DefensiveOrigins / DO-LAB
  ☆47Updated 2 months ago
• secprentice / PowerShellWatchlist
  List of PowerShell commands and commandlets that should be in your Powershel watchlist
  ☆37Updated 3 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆55Updated 5 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago
• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆26Updated 3 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆53Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆22Updated 3 years ago
• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆61Updated 5 months ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆88Updated 2 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 3 years ago
• bengoerz / PurpleTeamDocs
  ☆29Updated 4 years ago
• mattreduce / cti-self-study
  Track progress and keep notes while working through likethecoins' CTI Self Study Plan
  ☆28Updated 2 years ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆93Updated 3 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated last year
• Cyb3r-Monk / Cheat-Sheets
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Updated 2 years ago
• siemucsm / siemucsm
  SIEM USE Case Selection Methodology
  ☆16Updated 4 years ago
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆129Updated 4 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆64Updated 2 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• evild3ad / Get-MiniTimeline
  Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
  ☆31Updated last year