Alternatives and similar repositories for Sparrow

Users that are interested in Sparrow are comparing it to the libraries listed below

• CrowdStrike / CRT
  Contact: CRT@crowdstrike.com
  ☆734Updated 2 years ago
• T0pCyber / hawk
  Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
  ☆852Updated 3 months ago
• mandiant / Mandiant-Azure-AD-Investigator
  ☆627Updated 2 years ago
• netevert / sentinel-attack
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,069Updated 6 months ago
• microsoft / Microsoft-365-Defender-Hunting-Queries
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,005Updated 3 years ago
• Azure / SimuLand
  Understand adversary tradecraft and improve detection strategies
  ☆710Updated 2 years ago
• trustedsec / SysmonCommunityGuide
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,221Updated last year
• palantir / windows-event-forwarding
  A repository for using windows event forwarding for incident detection and response
  ☆1,267Updated 10 months ago
• cisagov / untitledgoosetool
  Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in…
  ☆930Updated last week
• OTRF / Microsoft-Sentinel2Go
  Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
  ☆570Updated 5 months ago
• reprise99 / Sentinel-Queries
  Collection of KQL queries
  ☆1,541Updated 6 months ago
• Gerenios / AADInternals
  AADInternals PowerShell module for administering Azure AD and Office 365
  ☆1,439Updated 2 months ago
• ukncsc / lme
  Logging Made Easy
  ☆712Updated last year
• nsacyber / Event-Forwarding-Guidance
  Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…
  ☆868Updated 4 years ago
• alexverboon / MDATP
  MDATP
  ☆462Updated 11 months ago
• NetSPI / MicroBurst
  A collection of scripts for assessing Microsoft Azure security
  ☆2,188Updated 2 weeks ago
• sans-blue-team / DeepBlueCLI
  ☆2,289Updated last year
• davehull / Kansa
  A Powershell incident response framework
  ☆1,607Updated 2 years ago
• olafhartong / sysmon-modular
  A repository of sysmon configuration modules
  ☆2,812Updated 10 months ago
• hausec / PowerZure
  PowerShell framework to assess Azure security
  ☆1,198Updated 9 months ago
• mdecrevoisier / Microsoft-eventlog-mindmap
  Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
  ☆1,082Updated 9 months ago
• darkquasar / AzureHunter
  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
  ☆788Updated 2 years ago
• OTRF / Blacksmith
  Building environments to replicate small networks and deploy applications
  ☆324Updated 5 months ago
• miriamxyra / EventList
  EventList
  ☆376Updated 4 years ago
• cyberark / SkyArk
  SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
  ☆895Updated 6 months ago
• dafthack / MFASweep
  A tool for checking if MFA is enabled on multiple Microsoft Services
  ☆1,520Updated 3 months ago
• invictus-ir / Microsoft-Extractor-Suite
  A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
  ☆643Updated 3 weeks ago
• mandiant / sunburst_countermeasures
  ☆561Updated 2 years ago
• GossiTheDog / ThreatHunting
  Tools for hunting for threats.
  ☆583Updated last month
• Bert-JanP / Hunting-Queries-Detection-Rules
  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…
  ☆1,476Updated last week