Alternatives and similar repositories for SME

Users that are interested in SME are comparing it to the libraries listed below

• darkquasar / AzureHunter
  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
  ☆788Updated 3 years ago
• ScarredMonk / SysmonSimulator
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆859Updated 3 years ago
• nccgroup / nmap-nse-vulnerability-scripts
  NMAP Vulnerability Scanning Scripts
  ☆627Updated 3 years ago
• CrowdStrike / CRT
  Contact: CRT@crowdstrike.com
  ☆747Updated 2 years ago
• zeronetworks / BlueHound
  BlueHound - pinpoint the security issues that actually matter
  ☆757Updated 2 years ago
• mdecrevoisier / Microsoft-eventlog-mindmap
  Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
  ☆1,087Updated last month
• mandiant / Mandiant-Azure-AD-Investigator
  ☆644Updated 2 years ago
• JSCU-NL / logging-essentials
  A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.
  ☆290Updated 4 years ago
• cisagov / bad-practices
  CISA's catalog of bad practices that are exceptionally risky.
  ☆211Updated 2 weeks ago
• mamun-sec / dfirt
  Collect information of Windows PC when doing incident response
  ☆252Updated 2 years ago
• blackhillsinfosec / EventLogging
  Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
  ☆486Updated last year
• iknowjason / PurpleCloud
  A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur…
  ☆615Updated 9 months ago
• cisagov / untitledgoosetool
  Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in…
  ☆943Updated 3 weeks ago
• PlumHound / PlumHound
  Bloodhound Reporting for Blue and Purple Teams
  ☆1,253Updated last month
• cisagov / Sparrow
  Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…
  ☆1,431Updated 3 years ago
• T0pCyber / hawk
  Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
  ☆912Updated 9 months ago
• nsacyber / Mitigating-Obsolete-TLS
  Guidance for mitigating obsolete Transport Layer Security configurations. #nsacyber
  ☆271Updated 4 years ago
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆637Updated last year
• rapid7 / insightvm-sql-queries
  InsightVM helpful SQL queries
  ☆76Updated 10 months ago
• GossiTheDog / ThreatHunting
  Tools for hunting for threats.
  ☆599Updated 8 months ago
• activecm / BeaKer
  Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
  ☆299Updated last month
• Azure / SimuLand
  Understand adversary tradecraft and improve detection strategies
  ☆713Updated 2 years ago
• microsoft / SecCon-Framework
  Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s …
  ☆283Updated 3 years ago
• christophetd / Adaz
  Deploy customizable Active Directory labs in Azure - automatically.
  ☆428Updated last year
• punk-security / smbeagle
  SMBeagle - Fileshare auditing tool.
  ☆741Updated last month
• OTRF / Blacksmith
  Building environments to replicate small networks and deploy applications
  ☆330Updated 11 months ago
• ukncsc / lme
  Logging Made Easy
  ☆709Updated 2 years ago
• olafhartong / sysmon-cheatsheet
  All sysmon event types and their fields explained
  ☆560Updated 4 years ago
• counteractive / incident-response-plan-template
  A concise, directive, specific, flexible, and free incident response plan template
  ☆750Updated last year
• mandiant / Azure_Workshop
  ☆615Updated 2 years ago