Alternatives and similar repositories for EDR-Attack-and-Defense:

Users that are interested in EDR-Attack-and-Defense are comparing it to the libraries listed below

• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆60Updated 9 months ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 4 months ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆157Updated 4 months ago
• nasbench / SIGMA-Resources
  Resources To Learn And Understand SIGMA Rules
  ☆173Updated last year
• CyberCastle-Blueteam / OpenThreatDetectionRules
  A collection of open source threat detection rules created by Cyber Castle's team.
  ☆14Updated 2 years ago
• BankSecurity / Threat_Hunting
  Some Threat Hunting queries useful for blue teamers
  ☆124Updated 2 years ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆103Updated last year
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆116Updated this week
• maddev-engenuity / AdversaryEmulation
  MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository
  ☆111Updated last year
• pr0xylife / pr0xylife
  Config files for my GitHub profile.
  ☆14Updated last year
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆84Updated 2 months ago
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆171Updated last month
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆88Updated 4 years ago
• The-DFIR-Report / Yara-Rules
  ☆64Updated last week
• pr0xylife / Emotet
  IOC Collection 2022
  ☆56Updated last year
• MHaggis / notes
  Full of public notes and Utilities
  ☆95Updated 2 months ago
• secure-cake / win-mal-investigations
  Windows Malware Investigation Scripts & Docs
  ☆75Updated 2 months ago
• Mikoyan-Dee / CrowdStrike-Queries
  CrowdStrike Falcon Queries For Advanced Threat Detection
  ☆16Updated 2 years ago
• archanchoudhury / Power-Forensics
  Power-Forensics is the Best Friend for Incident Responders to perform IR and collect evidences for Linux based host
  ☆10Updated last year
• mthcht / ThreatIntel-Reports
  Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
  ☆83Updated this week
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆54Updated last year
• splunk / macro-level-attack-trending
  Aggregated ATT&CK technique reporting data. Presented at Splunk GovSummit December 2022
  ☆15Updated last week
• THORCollective / HEARTH
  A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …
  ☆177Updated this week
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆38Updated 2 years ago
• activecm / threat-tools
  Tools for simulating threats
  ☆181Updated last year
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆81Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆152Updated last year
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆84Updated 2 years ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆86Updated last year
• archanchoudhury / DFIR-Tools
  This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR
  ☆75Updated 2 years ago