Alternatives and similar repositories for exabeam-enhancement-suite:

Users that are interested in exabeam-enhancement-suite are comparing it to the libraries listed below

• ExabeamLabs / Synopsis
  Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.
  ☆21Updated 6 years ago
• tstillz / cbr-timeliner
  Quick script to build host or investigation timelines using Carbon Black Response
  ☆12Updated 6 years ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆26Updated 3 months ago
• Jrotenberger / Powershell-IR-Scripts
  ☆39Updated 5 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• jakob-source / falcon-crowdstrike
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆29Updated 4 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 3 years ago
• edelucia / rules
  Cyber Threats Detection Rules
  ☆14Updated 3 months ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆31Updated 5 years ago
• HASecuritySolutions / elastic_stack
  ☆34Updated 3 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago
• UNIT777 / Email2TheHive
  This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.
  ☆12Updated 7 years ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• NorthfieldCreative / splunk-crowdstrike-event-queries
  ☆13Updated 2 months ago
• keydet89 / IWSBook
  Site for IWS book content
  ☆18Updated 6 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 5 years ago
• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆53Updated 4 years ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 4 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆46Updated 6 years ago
• chaoticmachinery / frac_rift
  FRAC and RIFT
  ☆17Updated 6 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 2 weeks ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆51Updated 4 years ago
• ajackal / ir_scripts
  incident response scripts
  ☆19Updated 6 years ago
• elvigilantesoc / cbhunting
  Carbon Black Hunting
  ☆8Updated 8 years ago
• elastic / sans-dfir-2022
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Updated last month
• daveherrald / SA_plaso-app-for-splunk
  ☆15Updated 7 years ago