Alternatives and similar repositories for security_content_docs:

Users that are interested in security_content_docs are comparing it to the libraries listed below

• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆90Updated last month
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆40Updated 2 years ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆61Updated 11 months ago
• The-DFIR-Report / cyberchef-recipes
  ☆18Updated 2 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆20Updated 3 years ago
• SentineLabs / S1QL-Queries
  ☆57Updated last year
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆51Updated 2 years ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆36Updated last week
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆58Updated last month
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆89Updated 4 years ago
• DerekKing / splunk_dns_analytics
  Splunk Searches and Dashboards for DNS Threat Hunting
  ☆10Updated 7 years ago
• PolarBearGod / CrowdStrike-RTR-Scripts
  ☆26Updated 3 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆55Updated 3 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• splunk / contentctl
  Splunk Content Control Tool
  ☆108Updated this week
• christian-taillon / splunk-spl
  SPL cheatsheet for Splunk.
  ☆21Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 5 months ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆157Updated 6 months ago
• NerbalOne / SentinelOne-Queries
  This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…
  ☆25Updated 5 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆98Updated last month
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆11Updated 4 months ago
• WillOram / AzureAD-incident-response
  Notes on responding to security breaches relating to Azure AD
  ☆109Updated 3 years ago
• rowham / WinSigmaRuleAnalyzer
  Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…
  ☆10Updated last year
• splunk / TA-microsoft-365-defender-advanced-hunting-add-on
  ☆14Updated last month
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆115Updated last year
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆125Updated 3 years ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆114Updated last year
• keyboardcrunch / SentinelOne-Query-Navigator
  Web based S1 query navigator for one-click threat hunting
  ☆18Updated 4 years ago