Alternatives and similar repositories for cortex-xdr-client

Users that are interested in cortex-xdr-client are comparing it to the libraries listed below

• Securonix / AutonomousThreatSweeper
  Threat Hunting queries for various attacks
  ☆238Updated this week
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆170Updated 2 months ago
• CrowdStrike / OWASSRF
  ☆13Updated 2 years ago
• MazX0p / ThreatHound
  ☆160Updated last year
• chronicle / GCTI
  ☆547Updated last year
• whikernel / evtx2splunk
  Evtx to Splunk ingestor
  ☆15Updated 3 years ago
• OTRF / OSSEM-DM
  OSSEM Detection Model
  ☆176Updated 2 years ago
• center-for-threat-informed-defense / top-attack-techniques
  Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t…
  ☆119Updated 2 months ago
• center-for-threat-informed-defense / insider-threat-ttp-kb
  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…
  ☆143Updated last month
• sublime-security / sublime-rules
  Sublime rules for email attack detection, prevention, and threat hunting.
  ☆316Updated this week
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆155Updated last year
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• drb-ra / C2IntelFeeds
  Automatically created C2 Feeds
  ☆632Updated this week
• NextronSystems / ransomware-simulator
  Ransomware simulator written in Golang
  ☆443Updated 3 years ago
• attackevals / ael
  ATT&CK Evaluations Library
  ☆72Updated 2 weeks ago
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆126Updated 3 months ago
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆105Updated 11 months ago
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆92Updated last month
• netwrix / PingCastleCloud
  Audit program for AzureAD
  ☆150Updated 2 years ago
• joeavanzato / Trawler
  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
  ☆318Updated 3 months ago
• mitre / atomic
  A MITRE Caldera plugin
  ☆45Updated 8 months ago
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆373Updated 6 months ago
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆204Updated 3 years ago
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆121Updated 6 months ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆98Updated last month
• fox-it / cobaltstrike-beacon-data
  Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
  ☆125Updated 3 years ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆155Updated last year
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆66Updated last year
• codeyourweb / fastfinder
  Incident Response - Fast suspicious file finder
  ☆245Updated 3 years ago
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆154Updated 3 years ago