Alternatives and similar repositories for Terminal-SIEM

Users that are interested in Terminal-SIEM are comparing it to the libraries listed below

• WithSecureLabs / Kanvas
  A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.
  ☆406Updated last month
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆185Updated 10 months ago
• st0pp3r / awesome-detection-engineer
  Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…
  ☆126Updated 2 months ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆129Updated 7 months ago
• ekky19 / osint
  Have you ever wanted to search a link or IP address on multiple OSINT pages at once?
  ☆59Updated 4 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆159Updated 7 months ago
• mdecrevoisier / Windows-auditing-baseline
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆57Updated 5 months ago
• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆31Updated last year
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆108Updated last year
• cisagov / playbook-ng
  Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…
  ☆152Updated last month
• mnrkbys / fjta
  FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…
  ☆91Updated 3 weeks ago
• youhgo / DOPP
  DFIR ORC PARSER PROJECT
  ☆24Updated 2 months ago
• socfortress / wazuh-mcp-server
  Repo to hold wazuh manager mcp server
  ☆65Updated last month
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated 11 months ago
• AttackIQ / DetectIQ
  ☆116Updated 5 months ago
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆99Updated 7 months ago
• Bert-JanP / SecScripts
  Security Scripts and Sources for daily usage.
  ☆67Updated last month
• Gadzhovski / TRACE-Forensic-Toolkit
  Digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
  ☆194Updated last week
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆88Updated 9 months ago
• davidljohnson / flowviz
  AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK
  ☆172Updated 3 weeks ago
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆49Updated 6 months ago
• bruneaug / DShield-SIEM
  DShield Sensor Log Collection with ELK
  ☆43Updated this week
• brayden031 / varalyze
  Cyber threat intelligence tool suite.
  ☆42Updated 7 months ago
• curated-intel / Attribution-to-IP
  A collection of methods to learn who the owner of an IP address is.
  ☆176Updated last month
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆99Updated 3 months ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆256Updated 3 weeks ago
• chocolatecoat / DFIR-Templates
  Incident Response documents and tooling
  ☆109Updated 2 months ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆96Updated 3 weeks ago
• The-DFIR-Report / DFIR-Artifacts
  Repository for sharing examples of our artifacts data and for use in new analyst recruitment.
  ☆108Updated 6 months ago
• khyrenz / parseusbs
  Parses USB connection artifacts from offline Registry hives
  ☆102Updated 5 months ago