Alternatives and similar repositories for awesome-endpoint-detection-and-response:

Users that are interested in awesome-endpoint-detection-and-response are comparing it to the libraries listed below

• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆152Updated 10 months ago
• viper-framework / viper2
  File analysis and management framework.
  ☆82Updated last year
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆91Updated 2 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆64Updated 11 months ago
• fkie-cad / socbed
  A Self-Contained Open-Source Cyberattack Experimentation Testbed
  ☆40Updated last month
• JHUAPL / Low-Regret-Methodology
  ☆27Updated 4 years ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆76Updated last year
• center-for-threat-informed-defense / sensor-mappings-to-attack
  Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…
  ☆49Updated 3 weeks ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 11 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆80Updated 5 months ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆108Updated 2 years ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆61Updated last week
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆64Updated last year
• EC-DIGIT-CSIRC / openai-cti-summarizer
  Small web frontend for using openAI's GPT-3.5 and GPT-4's API
  ☆53Updated 7 months ago
• SimoneCagol / sigma-rules-crawler
  ☆31Updated this week
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆115Updated last month
• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆59Updated 2 months ago
• malpedia / signator-rules
  Collection of rules created using YARA-Signator over Malpedia
  ☆127Updated 4 months ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆51Updated 3 months ago
• intelowlproject / GreedyBear
  Threat Intel Platform for T-POTs
  ☆144Updated last week
• vuldb / cyber_threat_intelligence
  Cyber Threat Intelligence Data, Indicators, and Analysis
  ☆84Updated 3 months ago
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆50Updated this week
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆72Updated this week
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆68Updated 2 months ago
• malienist / lupo
  Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
  ☆106Updated 2 years ago
• silverfort-open-source / latma
  ☆80Updated last year
• The-DFIR-Report / Yara-Rules
  ☆68Updated last month
• cyware-labs / Threat-Response-Docker
  ☆42Updated 2 years ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆119Updated last year