Alternatives and similar repositories for collector-templates

Users that are interested in collector-templates are comparing it to the libraries listed below

• splunk / contentctl
  Splunk Content Control Tool
  ☆119Updated last week
• CrowdStrike / logscale-community-content
  This repository contains Community and Field contributed content for LogScale
  ☆268Updated last month
• CrowdStrike / Cloud-Azure
  Discover for Cloud and Containers Azure
  ☆29Updated 3 weeks ago
• criblio / criblvision
  Splunk App for Cribl Stream and Edge Observability
  ☆25Updated 2 months ago
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆74Updated last month
• splunk / rba
  RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…
  ☆57Updated last week
• keyboardcrunch / SentinelOne-Query-Navigator
  Web based S1 query navigator for one-click threat hunting
  ☆23Updated 4 years ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆211Updated last year
• AttackIQ / pySigma-backend-kusto
  ☆42Updated 2 months ago
• CrowdStrike / falcon-scripts
  Scripts to streamline the deployment and use of the CrowdStrike Falcon sensor
  ☆187Updated last month
• SecurityBagel / CMMC-Bagel
  compliance assessment and POA&M management for CMMC/NIST 800-171A
  ☆99Updated 8 months ago
• CrowdStrike / falconpy
  The CrowdStrike Falcon SDK for Python
  ☆434Updated 2 weeks ago
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆116Updated 5 months ago
• center-for-threat-informed-defense / insider-threat-ttp-kb
  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…
  ☆146Updated 2 months ago
• chronicle / cbn-tool
  Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.
  ☆31Updated 2 years ago
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆163Updated 6 months ago
• k-bailey / detection-engineering-maturity-matrix
  ☆98Updated 3 years ago
• SophosRapidResponse / OSQuery
  ☆87Updated 6 months ago
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆133Updated 4 years ago
• garybushey / ProgrammingMicrosoftSentinel
  Programming Microsoft Sentinel book
  ☆25Updated last year
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆125Updated 4 years ago
• splunk / azure-functions-splunk
  Azure Functions for getting data in to Splunk
  ☆33Updated 7 months ago
• splunk / security_content_docs
  Contains research.splunk.com site code
  ☆11Updated last year
• LogRhythm-Tools / LogRhythm.Tools
  LogRhythm PowerShell Toolkit
  ☆51Updated last month
• redcanaryco / surveyor
  A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
  ☆231Updated 5 months ago
• bk-cs / rtr
  Real-time Response scripts and schema
  ☆117Updated last year
• CrowdStrike / psfalcon
  PowerShell for CrowdStrike's OAuth2 APIs
  ☆435Updated this week
• hulkmode / echothreat
  ☆31Updated last month
• guilhemmarchand / trackme
  TrackMe - Data tracking system for Splunk admins
  ☆50Updated 2 years ago
• pe3zx / crowdstrike-falcon-queries
  A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon
  ☆210Updated 5 years ago