Alternatives and similar repositories for Wazuh-Rules

Users that are interested in Wazuh-Rules are comparing it to the libraries listed below

• socfortress / CoPilot
  SOCFortress CoPilot
  ☆346Updated this week
• socfortress / Playbooks
  Playbooks for SOC Analysts
  ☆579Updated 2 years ago
• dfir-iris / iris-web
  Collaborative Incident Response platform
  ☆1,246Updated last week
• mthcht / awesome-lists
  Awesome Security lists for SOC/CERT/CTI
  ☆1,091Updated this week
• Bert-JanP / Open-Source-Threat-Intel-Feeds
  This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…
  ☆701Updated 7 months ago
• MISP / misp-docker
  A production ready Dockered MISP
  ☆270Updated last week
• BlackPerl-DFIR / SOC-OpenSource
  This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC a…
  ☆684Updated 11 months ago
• V1D1AN / S1EM
  This project is a SIEM with SIRP and Threat Intel, all in one.
  ☆460Updated 9 months ago
• Bert-JanP / Incident-Response-Powershell
  PowerShell Digital Forensics & Incident Response Scripts.
  ☆684Updated last month
• tguard-soc-package / nusantara
  ☆217Updated last year
• securityjoes / MasterParser
  MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
  ☆741Updated 2 weeks ago
• Krook9d / PurpleLab
  PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection…
  ☆709Updated 3 weeks ago
• certsocietegenerale / IRM
  Incident Response Methodologies 2022
  ☆1,068Updated 4 months ago
• SecurityBrewery / catalyst
  ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…
  ☆424Updated last month
• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆937Updated last year
• 3CORESec / testmynids.org
  A website and framework for testing NIDS detection
  ☆280Updated last month
• tsale / EDR-Telemetry
  This project aims to compare and evaluate the telemetry of various EDR products.
  ☆1,827Updated last week
• cisagov / decider
  A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE AT…
  ☆1,194Updated 2 months ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆599Updated 3 weeks ago
• TonyPhipps / SIEM
  SIEM Tactics, Techiques, and Procedures
  ☆659Updated 3 weeks ago
• Yamato-Security / EnableWindowsLogSettings
  Documentation and scripts to properly enable Windows event logs.
  ☆626Updated last year
• counteractive / incident-response-plan-template
  A concise, directive, specific, flexible, and free incident response plan template
  ☆728Updated last year
• cert-advens / IRM
  ☆161Updated 10 months ago
• cyb3rxp / awesome-soc
  A collection of sources of documentation, as well as field best practices, to build/run a SOC
  ☆1,480Updated 3 weeks ago
• bluecapesecurity / PWF
  Practical Windows Forensics Training
  ☆683Updated last year
• OpenCTI-Platform / connectors
  OpenCTI Connectors
  ☆469Updated this week
• tclahr / uac
  UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …
  ☆1,071Updated 2 weeks ago
• vm32 / Linux-Incident-Response
  practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response
  ☆399Updated last year
• OpenBAS-Platform / openbas
  Open Adversary Exposure Validation Platform
  ☆1,345Updated last week
• socfortress / OSSIEM
  Open Source SIEM Stack
  ☆109Updated last month