Alternatives and similar repositories for Blue-Team-Tools

Users that are interested in Blue-Team-Tools are comparing it to the libraries listed below

• tobor88 / PowerShell-Blue-Team
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆85Updated last year
• brianreitz / awesome-blueteam
  A list of resources to build a information security team.
  ☆13Updated 4 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆47Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Updated 3 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆46Updated 2 months ago
• dfircheatsheet / dfircheatsheet.github.io
  ☆66Updated 2 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆113Updated 3 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆66Updated 11 months ago
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆79Updated 5 years ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆116Updated last year
• adhdproject / awesome-active-defense
  an awesome list of active defense resources
  ☆120Updated 4 years ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆55Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated 2 years ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated 2 years ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆75Updated last year
• bobby-tablez / Enable-All-The-Logs
  This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…
  ☆30Updated last month
• AndrewRathbun / Awesome-KAPE
  A curated list of KAPE-related resources
  ☆168Updated last month
• op7ic / BlueTeam.Lab
  Blue Team detection lab created with Terraform and Ansible in Azure.
  ☆158Updated 6 months ago
• WGU-CCDC / Blue-Team-Tools
  A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-…
  ☆102Updated 2 years ago
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆185Updated 5 months ago
• nasbench / SIGMA-Resources
  Resources To Learn And Understand SIGMA Rules
  ☆175Updated 2 years ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆155Updated 2 months ago
• gmellini / Microsoft-Defender-Security-Center-Hunting-Queries
  Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…
  ☆39Updated 4 years ago
• StevenD33 / Lab-DFIR-SOC
  ☆66Updated 4 years ago
• DFIRKuiper / Hoarder
  ☆19Updated 2 years ago
• clairmont32 / VirusTotal-Tools
  Submits multiple domains to VirusTotal API
  ☆60Updated 3 years ago
• huebicode / abuselookup-gui
  A GUI to query the API of abuse.ch.
  ☆70Updated 2 years ago
• cutaway-security / sawh
  Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ…
  ☆52Updated 3 years ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆114Updated last year