Alternatives and similar repositories for linux-audit

Users that are interested in linux-audit are comparing it to the libraries listed below

• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆25Updated last week
• NVISOsecurity / nviso-cti
  ☆42Updated last year
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago
• zeflow / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆13Updated 3 years ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆20Updated 5 months ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆73Updated 3 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• CanTopay / thehive-playbook-creator
  A script to create and assign SOP tasks into the cases
  ☆20Updated 4 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆35Updated 6 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• NextronSystems / thunderstorm-collector
  THOR Thunderstorm Collectors
  ☆24Updated 2 months ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆34Updated 3 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated last month
• MISP / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆30Updated last month
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• fox-it / citrix-netscaler-triage
  Dissect triage script for Citrix NetScaler devices
  ☆23Updated this week
• j91321 / ansible-role-sysmon
  Ansible role for installing Sysmon with popular config files included.
  ☆25Updated 2 years ago
• KaanSK / Go-MISPFeedGenerator
  Golang implementation of PyMISP-feedgenerator
  ☆17Updated 2 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• newcontext-oss / opencti-terraform
  Terraform scripts for deploying OpenCTI to AWS, Azure, and GCP
  ☆31Updated last year
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆69Updated 3 weeks ago
• The-DFIR-Report / Suricata-Rules
  ☆11Updated 2 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago