Alternatives and similar repositories for laurel

Users that are interested in laurel are comparing it to the libraries listed below

• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆780Updated this week
• Neo23x0 / auditd

  View on GitHub
  Best Practice Auditd Configuration
  ☆1,756Nov 27, 2025Updated 2 months ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆643Jun 19, 2024Updated last year
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• threathunters-io / QLOG

  View on GitHub
  Windows Security Logging
  ☆43Jul 17, 2022Updated 3 years ago
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆532Jan 13, 2026Updated last month
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• ScarredMonk / SysmonSimulator

  View on GitHub
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆861Jan 20, 2022Updated 4 years ago
• atc-project / atc-react

  View on GitHub
  A knowledge base of actionable Incident Response techniques
  ☆662May 31, 2022Updated 3 years ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,363Dec 15, 2025Updated last month
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• Yamato-Security / EnableWindowsLogSettings

  View on GitHub
  Documentation and scripts to properly enable Windows event logs.
  ☆671Oct 3, 2025Updated 4 months ago
• ion-storm / sysmon-edr

  View on GitHub
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆226May 1, 2021Updated 4 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• darkquasar / AzureHunter

  View on GitHub
  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
  ☆790Oct 29, 2022Updated 3 years ago
• tclahr / uac

  View on GitHub
  UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …
  ☆1,238Feb 5, 2026Updated last week
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆801Jan 14, 2026Updated last month
• elastic / protections-artifacts

  View on GitHub
  Elastic Security detection content for Endpoint
  ☆1,372Feb 6, 2026Updated last week
• NextronSystems / evtx-baseline

  View on GitHub
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Dec 17, 2025Updated last month
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,109Updated this week
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,747Feb 5, 2026Updated last week
• mdecrevoisier / EVTX-to-MITRE-Attack

  View on GitHub
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆613Dec 8, 2025Updated 2 months ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,968Aug 21, 2024Updated last year
• elastic / detection-rules

  View on GitHub
  ☆2,502Updated this week
• dfir-iris / iris-web

  View on GitHub
  Collaborative Incident Response platform
  ☆1,384Jan 27, 2026Updated 2 weeks ago
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,383Oct 14, 2023Updated 2 years ago
• OTRF / OSSEM

  View on GitHub
  Open Source Security Events Metadata (OSSEM)
  ☆1,287Feb 27, 2023Updated 2 years ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,006May 25, 2022Updated 3 years ago
• cyberdefenders / DetectionLabELK

  View on GitHub
  DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
  ☆573Dec 12, 2021Updated 4 years ago
• Yamato-Security / hayabusa

  View on GitHub
  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
  ☆3,014Feb 4, 2026Updated last week
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• chainguard-dev / osquery-defense-kit

  View on GitHub
  Production-ready detection & response queries for osquery
  ☆600Aug 13, 2025Updated 6 months ago
• FalconForceTeam / FalconHound

  View on GitHub
  FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…
  ☆817Feb 17, 2025Updated 11 months ago
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆212May 16, 2022Updated 3 years ago
• zeronetworks / BloodHound-Tools

  View on GitHub
  Collection of tools that reflect the network dimension into Bloodhound's data
  ☆447Oct 19, 2022Updated 3 years ago
• cado-security / rip_raw

  View on GitHub
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆134Jan 31, 2022Updated 4 years ago
• tsale / EDR-Telemetry

  View on GitHub
  This project aims to compare and evaluate the telemetry of various EDR products.
  ☆1,924Jan 20, 2026Updated 3 weeks ago
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆163Nov 25, 2025Updated 2 months ago
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,439Updated this week