Alternatives and similar repositories for true-positive

Users that are interested in true-positive are comparing it to the libraries listed below

• veeral-patel / incidents
  Please use https://github.com/veeral-patel/true-positive instead
  ☆67Updated 2 years ago
• counteractive / incident-response-collector
  ☆16Updated 4 years ago
• swiftbird07 / IRIS-SOAR
  🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …
  ☆10Updated last year
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆88Updated last week
• eric-ooi / elastic-m365
  Custom Kibana dashboards to secure and monitor Microsoft 365.
  ☆13Updated last year
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆52Updated 2 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆20Updated 5 years ago
• Truvis / Splunk_TA_Truvis_Suricata5
  This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…
  ☆15Updated 4 years ago
• gerwout / pacs
  Pritunl Access Control System
  ☆10Updated 2 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• nobody-cares / Incident-Response-Plan
  Incident Response Plan for all major incidents including cheatsheets for both linux and windows
  ☆14Updated 5 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• high101bro / PoSh-EasyWin
  PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs
  ☆47Updated 6 months ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• melicertes / csp
  The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing conf…
  ☆31Updated 3 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆54Updated this week
• juaromu / wazuh-nmap
  ☆17Updated 3 years ago
• TheHive-Project / Synapse
  Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
  ☆71Updated last year
• HASecuritySolutions / Sysmon-Manager
  This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler
  ☆12Updated 3 years ago
• forensicmatt / PancakeViewer
  A DFVFS Backed Forensic Viewer
  ☆40Updated 5 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 3 years ago
• OwlH-net / OwlH-UI
  OwlH Master API Web User Interface
  ☆12Updated last year
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• BrandonsProjects / WEFC
  Windows Event Forwarding/Collection - A simple way to get quick, comprehensive logging for a Windows environment.
  ☆15Updated 3 years ago
• securitydistractions / elastimispstash
  ☆29Updated 4 years ago
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago