Alternatives and similar repositories for true-positive:

Users that are interested in true-positive are comparing it to the libraries listed below

• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 5 years ago
• veeral-patel / incidents
  Please use https://github.com/veeral-patel/true-positive instead
  ☆66Updated 2 years ago
• counteractive / incident-response-collector
  ☆14Updated 4 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 9 months ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆53Updated 4 years ago
• securitydistractions / elastimispstash
  ☆29Updated 4 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆85Updated 2 months ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• NextronSystems / nextron-helper-scripts
  Public tools, scripts or code snippets that can help when working with our products
  ☆46Updated last month
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆44Updated 4 years ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆33Updated 3 years ago
• high101bro / PoSh-EasyWin
  PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs
  ☆46Updated 2 months ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 3 months ago
• HASecuritySolutions / Sysmon-Manager
  This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler
  ☆12Updated 3 years ago
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆66Updated last week
• deeso / fleet-deployment
  ☆15Updated 5 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆54Updated 7 months ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 8 months ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• quadrantsec / sagan-rules
  ☆29Updated last week
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆43Updated 4 months ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆20Updated 2 years ago