Alternatives and similar repositories for StoW

Users that are interested in StoW are comparing it to the libraries listed below

• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆67Updated last year
• dariommr / scripts
  Personal scripts
  ☆14Updated 8 months ago
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆88Updated 10 months ago
• 0xbad53c / wazuh-detection-rules
  Our collection of Wazuh detection rules for our Offense Lab
  ☆14Updated 3 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• mdecrevoisier / Windows-auditing-baseline
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆54Updated last week
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 7 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆66Updated 11 months ago
• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆29Updated 8 months ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆47Updated last year
• karimhabush / cis-vsphere
  A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
  ☆51Updated 2 years ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆51Updated 5 months ago
• tobor88 / PowerShell-Blue-Team
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆85Updated last year
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• humio / security_monitoring
  ☆41Updated 2 years ago
• j91321 / ansible-role-sysmon
  Ansible role for installing Sysmon with popular config files included.
  ☆25Updated 2 years ago
• tsale / EDR-Telemetry-Website
  ☆74Updated 2 months ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆80Updated 2 years ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆109Updated 2 years ago
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆152Updated 7 months ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆91Updated last year
• mandiant / citrix-ioc-scanner-cve-2023-3519
  ☆65Updated last year
• DefensiveOrigins / DO-LAB
  ☆47Updated last month
• InfoSecInnovations / What2Log
  ☆39Updated 2 years ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆98Updated 2 years ago
• Starke427 / Windows-Security-Policy
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆13Updated 4 years ago
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆38Updated 3 weeks ago
• brianreitz / awesome-blueteam
  A list of resources to build a information security team.
  ☆13Updated 4 years ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆155Updated 2 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago