Alternatives and similar repositories for StoW

Users that are interested in StoW are comparing it to the libraries listed below

• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆32Updated last year
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated last year
• MHaggis / Security-Detections-MCP
  MCP to help Defenders Detection Engineer Harder and Smarter
  ☆231Updated this week
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆105Updated 2 months ago
• dariommr / scripts
  Personal scripts
  ☆15Updated last year
• ozanunal0 / viper
  🛡️ VIPER: Stay ahead of threats with AI-driven vulnerability intelligence. Prioritize CVEs effectively using NVD, EPSS, CISA KEV, and Go…
  ☆83Updated 5 months ago
• juaromu / wazuh
  ☆20Updated 4 years ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆132Updated last year
• cisagov / playbook-ng
  Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…
  ☆156Updated 2 months ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆114Updated 3 years ago
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆103Updated 5 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆70Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆193Updated last year
• mdecrevoisier / Windows-auditing-baseline
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆60Updated 8 months ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆109Updated 2 weeks ago
• st0pp3r / awesome-detection-engineer
  Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…
  ☆144Updated this week
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆131Updated 9 months ago
• tsale / awesome-dfir-skills
  A curated collection of DFIR skills and workflows for InfoSec practitioners.
  ☆244Updated this week
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆73Updated 4 months ago
• juaromu / wazuh-opencti
  ☆41Updated 2 years ago
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆79Updated 2 months ago
• socfortress / wazuh-mcp-server
  Repo to hold wazuh manager mcp server
  ☆74Updated 4 months ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆289Updated last week
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆51Updated 9 months ago
• InfoSecInnovations / What2Log
  ☆42Updated 3 years ago
• fr0gger / JupyterUniverse
  Jupyter Univere is a search engine for all infosec jupyter notebooks
  ☆35Updated 10 months ago
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆101Updated 9 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated last week
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆110Updated this week
• infobloxopen / threat-intelligence
  ☆105Updated last month