Alternatives and similar repositories for endpoint:

Users that are interested in endpoint are comparing it to the libraries listed below

• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆59Updated last month
• NerbalOne / SentinelOne-Queries
  This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…
  ☆25Updated 4 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• mitre / stockpile
  A CALDERA plugin
  ☆75Updated this week
• Security-Onion-Solutions / securityonion-image
  ☆48Updated this week
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆109Updated 2 months ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆40Updated 4 years ago
• RomaissaAdjailia / MindMaps
  ☆23Updated 2 years ago
• atc-project / atc-data
  Actionable data for Security Operations
  ☆18Updated 3 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• The-DFIR-Report / Yara-Rules
  ☆67Updated 2 weeks ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆16Updated 2 months ago
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆50Updated last week
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆150Updated 9 months ago
• center-for-threat-informed-defense / public-resources
  Collection of resources related to the Center for Threat-Informed Defense
  ☆77Updated 9 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆37Updated last year
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆90Updated 3 years ago
• sophos / solarwinds-threathunt
  Threathunt details for the Solarwinds compromise
  ☆33Updated 3 years ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆76Updated last year
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 4 months ago
• elastic / detection-rules-explorer
  ☆18Updated this week
• MHaggis / notes
  Full of public notes and Utilities
  ☆98Updated last month
• Velocidex / velociraptor-docs
  Documentation site for Velociraptor
  ☆43Updated this week
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 11 months ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆54Updated last year
• blacklanternsecurity / sigma-rules
  A collection of Sigma rules organized by MITRE ATT&CK technique
  ☆17Updated 3 years ago
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆146Updated 2 weeks ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated 2 years ago