☆42 · Sep 16, 2022 · Updated 3 years ago
Alternatives and similar repositories for gene-rules
Users that are interested in gene-rules are comparing it to the libraries listed below
- Signature engine for all your logs ☆172 · Nov 13, 2023 · Updated 2 years ago
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- Sandbox samples and monitor them with kunai ☆29 · Jun 24, 2025 · Updated 8 months ago
- ssdeep cluster analysis for malware files ☆31 · Jun 5, 2020 · Updated 5 years ago
- Validate IOCs from MISP; export results and IOCs to SIEM and sensors using syslog and CEF format ☆14 · Sep 13, 2016 · Updated 9 years ago
- Automate the regular transfer of AIS data into a MISP server ☆10 · Jun 5, 2024 · Updated last year
- Trace ScriptBlock execution for PowerShell v2 ☆40 · Jan 14, 2020 · Updated 6 years ago
- Python script to automatically create Sigma rules from TheHive observables ☆25 · Mar 17, 2019 · Updated 6 years ago
- Systematic Classification Engine for Advanced Data ANalysis ☆22 · Mar 6, 2017 · Updated 8 years ago
- Knowing which rule should trigger according to the Red Canary test ☆11 · Nov 23, 2024 · Updated last year
- Helps fuzz various protocols and waits for ping-backs; integrates an LDAP server and JNDI payload ☆11 · Dec 27, 2021 · Updated 4 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP ☆14 · Oct 24, 2022 · Updated 3 years ago
- ☆24 · Sep 28, 2022 · Updated 3 years ago
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools ☆16 · Feb 26, 2026 · Updated last week
- Extract information from MISP via the API ☆16 · Jul 18, 2016 · Updated 9 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when it was first and last seen ☆17 · Apr 11, 2024 · Updated last year
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images ☆17 · Aug 31, 2024 · Updated last year
- Checks observables/IOCs in TheHive/Cortex against the MISP warninglists ☆14 · Dec 27, 2017 · Updated 8 years ago
- Add POST body excerpt to Bro's HTTP log ☆14 · Dec 10, 2025 · Updated 2 months ago
- Open Source EDR for Windows ☆1,297 · Feb 25, 2023 · Updated 3 years ago
- CyCAT.org taxonomies ☆15 · May 22, 2021 · Updated 4 years ago
- Private Search Set (PSS) is an extension to a standard Bloom filter, or a standalone hash file, to describe and share a private set ☆16 · Jan 10, 2025 · Updated last year
- Endpoint detection / live analysis & sandbox host / signature quality test ☆44 · Apr 22, 2021 · Updated 4 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo ☆29 · Jun 11, 2020 · Updated 5 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆35 · Feb 2, 2022 · Updated 4 years ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs ☆17 · Feb 1, 2021 · Updated 5 years ago
- Telsy CTI Research Team ☆57 · Dec 15, 2020 · Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆431 · Dec 22, 2023 · Updated 2 years ago
- \B\C\M\C\ Open Source Software ☆20 · Jan 3, 2022 · Updated 4 years ago
- Incident Notification Platform by @NC3-LU ☆11 · Updated this week
- Invoke-LiveResponse ☆150 · Feb 22, 2022 · Updated 4 years ago
- 100 Days of YARA, to be updated with rules & ideas as the year progresses ☆60 · Jan 18, 2023 · Updated 3 years ago
- Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centra… ☆35 · Feb 1, 2022 · Updated 4 years ago
- ☆16 · Apr 30, 2024 · Updated last year
- Cyber Threat Intelligence ☆78 · Dec 7, 2025 · Updated 2 months ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images ☆21 · Mar 12, 2019 · Updated 6 years ago
- Volatility, on Docker 🐳 ☆41 · Nov 20, 2025 · Updated 3 months ago
- Server for indexing and querying passive DNS observations ☆50 · Jan 12, 2026 · Updated last month
- Browser extension that complements the PhishDetect service ☆24 · Feb 3, 2023 · Updated 3 years ago