Alternatives and similar repositories for SecOpsSamples

Users that are interested in SecOpsSamples are comparing it to the libraries listed below

• tesorion / TCERT-Cumulonimbus-UAL_Extractor
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆21Updated 2 years ago
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆40Updated last year
• DefensiveOrigins / DO-LAB
  ☆50Updated last week
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆117Updated 2 months ago
• Beercow / DFIR_Toolbar
  ☆28Updated 3 months ago
• corelight / Elasticsearch_rules
  Elastic version of SOC prime watcher rules
  ☆30Updated last year
• svch0stz / velociraptor-detections
  ☆22Updated 3 years ago
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆115Updated last year
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆135Updated last year
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated last year
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆58Updated 11 months ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated last month
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆83Updated last year
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆63Updated last year
• markkcc / crxaminer
  Examine Chrome extensions for security issues
  ☆93Updated 2 months ago
• mitre / training
  A CALDERA plugin
  ☆27Updated last week
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆51Updated last year
• FalconForceTeam / FalconForge
  This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…
  ☆17Updated 2 years ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆60Updated 3 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆70Updated last year
• blacklanternsecurity / enter_the_matrix
  ETM enables the creation of detailed attack graphs and figures while calculating the risk associated with your attack narratives. ETM was…
  ☆26Updated 2 years ago
• mikoiv / MicrosoftSentinel-ShodanMonitor
  Ingesting Shodan Monitor Alerts to Microsoft Sentinel
  ☆34Updated 2 years ago
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆123Updated 2 years ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆114Updated 4 months ago
• matthieugras / timeline-downloader
  ☆70Updated this week
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆36Updated 3 years ago
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆145Updated 3 years ago
• curated-intel / MOVEit-Transfer
  A repository for tracking events related to the MOVEit Transfer Cl0p Campaign
  ☆71Updated 2 years ago
• kcyerrid / CTI
  Cyber Threat Intelligence
  ☆73Updated 2 months ago
• schwartz1375 / Threat-Hunting-in-AWS
  ☆33Updated 3 years ago