Alternatives and similar repositories for endpoint:

Users that are interested in endpoint are comparing it to the libraries listed below

• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆59Updated last week
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• Security-Onion-Solutions / securityonion-image
  ☆48Updated last week
• mitre / stockpile
  A CALDERA plugin
  ☆74Updated 2 months ago
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆35Updated last week
• The-DFIR-Report / Yara-Rules
  ☆64Updated last week
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆107Updated 2 weeks ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• elastic / detection-rules-explorer
  ☆18Updated this week
• UncoderIO / Uncoder_IO
  An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
  ☆137Updated this week
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆157Updated 4 months ago
• NerbalOne / SentinelOne-Queries
  This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…
  ☆25Updated 3 months ago
• EC-DIGIT-CSIRC / OpenTIDE
  Open Threat-Informed Detection Engineering
  ☆32Updated 2 weeks ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆42Updated 3 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆95Updated 2 months ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆90Updated last year
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆29Updated 11 months ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆75Updated last year
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 10 months ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆148Updated 7 months ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆49Updated last year
• korniko98 / pivot-atlas
  ☆86Updated 5 months ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆73Updated last week
• siriussecurity / mitre-attack-mapping
  Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.
  ☆57Updated 4 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆36Updated last year
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆49Updated this week
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆66Updated 2 months ago
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆62Updated 9 months ago
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆52Updated 7 months ago