Alternatives and similar repositories for community

Users that are interested in community are comparing it to the libraries listed below

• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• ohjeongwook / WindowsEventTools
  Collection Of Scripts And Utilities For Windows Event Hunting
  ☆18Updated 5 years ago
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆56Updated 2 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 5 years ago
• dfirlabs / ntfs-specimens
  NTFS file system specimens
  ☆13Updated last year
• imp0rtp3 / yara-rules
  Yara rules written by me, for free use.
  ☆19Updated 3 years ago
• woanware / etw-event-dumper
  ☆33Updated 3 years ago
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆22Updated last year
• ryanmrestivo / blue-team
  Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…
  ☆36Updated last month
• jsecurity101 / jsecurity101
  ☆14Updated 2 months ago
• JPCERTCC / SurfaceAnalysis-on-Cloud
  Surface Analysis System on Cloud
  ☆19Updated last year
• idnahacks / NetCeasePlusPlus
  Takes the original idea of NetCease and adds functionality
  ☆24Updated 3 years ago
• kirk-sayre-work / xlmulator
  Python emulator for Excel XLM macros.
  ☆18Updated 5 years ago
• herosi / triage-collector
  ☆22Updated 7 months ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• k3idii / ION
  Indicators of Normality
  ☆12Updated 2 years ago
• SadProcessor / EzETW
  Cmdlets for capturing Windows Events
  ☆14Updated 3 years ago
• ssp4rk / threatintel
  ☆11Updated 4 years ago
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆27Updated 2 years ago
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• ArsenalRecon / SdbaParser
  Parser for Sdba memory pool tags
  ☆18Updated 3 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• gajos112 / SRUM-Timeliner
  ☆10Updated last year
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆25Updated 2 years ago
• Ben0xA / PowerShellScripts
  Random PowerShell Scripts
  ☆16Updated 3 years ago
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated 5 months ago
• faisalusuf / ThreatIntelligence
  Tracking APT IOCs
  ☆25Updated 4 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago