Alternatives and similar repositories for siemcraft:

Users that are interested in siemcraft are comparing it to the libraries listed below

• mttaggart / wtfbins
  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
  ☆160Updated last week
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆261Updated last year
• mttaggart / seclab
  Automated security lab provisioning
  ☆73Updated 2 weeks ago
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆201Updated 2 years ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆80Updated 2 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆138Updated 8 months ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆155Updated 2 years ago
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆126Updated last year
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated 8 months ago
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆151Updated last year
• Neo23x0 / tiny-shells
  All kinds of tiny shells
  ☆58Updated 2 years ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated last year
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆146Updated last year
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆133Updated 2 years ago
• WithSecureLabs / detectree
  Data visualization for blue teams
  ☆125Updated 2 years ago
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆150Updated 5 months ago
• tsale / translated_conti_leaked_comms
  Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022
  ☆131Updated 3 years ago
• mrcbax / honeyup
  An uploader honeypot designed to look like poor website security.
  ☆28Updated 4 months ago
• gtworek / VolatileDataCollector
  ☆202Updated 5 months ago
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆194Updated 2 weeks ago
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆145Updated last year
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated 10 months ago
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆75Updated 3 years ago
• pulsedive / certrss
  ☆117Updated last year
• BinaryDefense / log4j-honeypot-flask
  Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
  ☆149Updated 3 years ago
• Neo23x0 / BlueLedger
  A list of my personal projects
  ☆176Updated 2 years ago
• curated-intel / Log4Shell-IOCs
  A collection of intelligence about Log4Shell and its exploitation activity.
  ☆183Updated 3 years ago
• Neo23x0 / Rewind
  Immediate Virus Infection Counter Measures
  ☆62Updated 3 years ago
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆250Updated 2 months ago