Alternatives and similar repositories for awesome-endpoint-detection-and-response

Users that are interested in awesome-endpoint-detection-and-response are comparing it to the libraries listed below

• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆93Updated 3 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆67Updated last year
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆153Updated last year
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆80Updated 5 years ago
• SimoneCagol / sigma-rules-crawler
  ☆31Updated last week
• crow1011 / wazuh2thehive
  Wazuh integration TheHive
  ☆35Updated 2 years ago
• weslambert / velociraptor-docker
  Docker image for Velocidex Velociraptor
  ☆126Updated 3 months ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆121Updated last month
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆65Updated last year
• fkie-cad / socbed
  A Self-Contained Open-Source Cyberattack Experimentation Testbed
  ☆41Updated last week
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆83Updated last week
• viper-framework / viper2
  File analysis and management framework.
  ☆84Updated last year
• Security-Onion-Solutions / securityonion-soc
  ☆54Updated this week
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 3 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• silverfort-open-source / latma
  ☆80Updated 2 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆104Updated last month
• mitre / atomic
  A MITRE Caldera plugin
  ☆43Updated 6 months ago
• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆60Updated 4 months ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated last month
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆93Updated 10 months ago
• The-DFIR-Report / Yara-Rules
  ☆68Updated 3 months ago
• malpedia / signator-rules
  Collection of rules created using YARA-Signator over Malpedia
  ☆130Updated 7 months ago
• pan-unit42 / tweets
  ☆130Updated last year
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆164Updated last month
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆131Updated 9 months ago
• netskopeoss / NetskopeThreatLabsIOCs
  ☆131Updated 2 weeks ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆109Updated 2 years ago
• M00NLIG7 / ChopChopGo
  Rapidly Search and Hunt through Linux Forensics Artifacts
  ☆193Updated last year