Alternatives and similar repositories for awesome-endpoint-detection-and-response

Users that are interested in awesome-endpoint-detection-and-response are comparing it to the libraries listed below

• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆117Updated this week
• The-DFIR-Report / Yara-Rules
  ☆69Updated 2 months ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆153Updated 11 months ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆64Updated last month
• mitre / atomic
  A MITRE Caldera plugin
  ☆43Updated 5 months ago
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆92Updated 3 years ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆80Updated this week
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 2 weeks ago
• telekom-security / malware_analysis
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆114Updated last year
• viper-framework / viper2
  File analysis and management framework.
  ☆83Updated last year
• alt3kx / wafaray
  Enhance your malware detection with WAF + YARA (WAFARAY)
  ☆108Updated 2 years ago
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆65Updated last year
• EC-DIGIT-CSIRC / openai-cti-summarizer
  Small web frontend for using openAI's GPT-3.5 and GPT-4's API
  ☆53Updated last month
• malpedia / signator-rules
  Collection of rules created using YARA-Signator over Malpedia
  ☆129Updated 6 months ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆76Updated 2 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆64Updated last year
• abusech / ThreatFox
  Open IOC sharing platform
  ☆56Updated 6 months ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆104Updated this week
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆53Updated 2 weeks ago
• fkie-cad / socbed
  A Self-Contained Open-Source Cyberattack Experimentation Testbed
  ☆41Updated 2 months ago
• center-for-threat-informed-defense / sensor-mappings-to-attack
  Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…
  ☆50Updated last month
• StevenD33 / Lab-DFIR-SOC
  ☆65Updated 4 years ago
• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆59Updated 3 months ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 5 months ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆127Updated 9 months ago
• silverfort-open-source / latma
  ☆80Updated 2 years ago
• WithSecureLabs / detectree
  Data visualization for blue teams
  ☆126Updated 2 years ago
• TheHive-Project / awesome
  A curated list of awesome things related to TheHive & Cortex
  ☆179Updated 3 years ago