Alternatives and similar repositories for evidence-app:

Users that are interested in evidence-app are comparing it to the libraries listed below

• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆128Updated 2 years ago
• DefensiveOrigins / DO-LAB
  ☆45Updated 3 weeks ago
• MarkBaggett / 504lab
  Distribution of the SANS SEC504 Windows Cheat Sheet Lab
  ☆67Updated 4 years ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆65Updated 8 months ago
• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆57Updated 2 weeks ago
• Resistor52 / terraform-cloud-workstation
  Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation
  ☆25Updated 9 months ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 10 months ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆51Updated 2 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 9 months ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆35Updated last month
• invictus-ir / Sigma-AWS
  This repository contains the research and components of our research into using Sigma for AWS Incident Response.
  ☆27Updated last year
• malwarejake-public / conference-presentations
  Conference presentations
  ☆47Updated last year
• msraju / Incident-Response-Playbooks
  ☆42Updated 2 years ago
• joswr1ght / basicblobfinder
  Identify Azure blobs using a wordlist of account name and container name strings
  ☆32Updated 4 years ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 5 months ago
• maartengoet / notebooks
  Jupyter notebooks
  ☆22Updated 4 years ago
• BinaryDefense / ThreatHuntingJupyterNotebooks
  ☆58Updated 2 years ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• SecurityRiskAdvisors / indexes
  Threat Simulation Indexes
  ☆37Updated 3 weeks ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆41Updated 2 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 9 months ago
• Antonlovesdnb / SANSTHS2021
  Hunting Malicious Macros SANS Threathunting Summit 2021 Materials
  ☆40Updated 3 years ago
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 9 months ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆86Updated last year
• svch0stz / velociraptor-detections
  ☆20Updated 2 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆95Updated 2 months ago
• megan201296 / gsuite-dfir
  ☆41Updated 4 years ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆75Updated 8 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆36Updated last year