Alternatives and similar repositories for openwec:

Users that are interested in openwec are comparing it to the libraries listed below

• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆50Updated this week
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆74Updated this week
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆144Updated last month
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆85Updated 6 months ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆149Updated 8 months ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 7 months ago
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆35Updated last week
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆149Updated 3 months ago
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆102Updated 4 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• cea-sec / gmsad
  gmsad manages Active Directory group Managed Service Account (gMSA) on Linux
  ☆27Updated 2 months ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆76Updated last year
• fox-it / dissect.target
  The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…
  ☆50Updated this week
• LetMeR00t / TA-thehive-cortex
  Technical add-on for Splunk related to TheHive/Cortex from TheHive project
  ☆52Updated 3 weeks ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆126Updated this week
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆51Updated last month
• avast / yarang
  Alternative YARA scanning engine
  ☆67Updated 2 years ago
• korniko98 / pivot-atlas
  ☆84Updated last week
• mttaggart / venture
  Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
  ☆77Updated 3 weeks ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆82Updated 3 months ago
• certeu / droid
  A pySigma wrapper to manage detection rules.
  ☆37Updated 2 months ago
• Yamato-Security / hayabusa-sample-evtx
  Sample evtx files to use for testing hayabusa detection rules
  ☆48Updated 3 months ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆128Updated last week
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆36Updated this week
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆192Updated this week
• AttackIQ / pySigma-backend-kusto
  ☆34Updated 2 months ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆84Updated last week
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆85Updated 2 months ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆106Updated last year