Alternatives and similar repositories for box4security

Users that are interested in box4security are comparing it to the libraries listed below

• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆29Updated 10 months ago
• juaromu / wazuh
  ☆19Updated 3 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• AzharAnwar9 / Security-Event-Analysis-Automation-Tool
  A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc…
  ☆27Updated 3 years ago
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆68Updated 4 years ago
• juaromu / wazuh-opencti
  ☆37Updated last year
• crow1011 / wazuh2thehive
  Wazuh integration TheHive
  ☆38Updated 2 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆39Updated 3 years ago
• quitehacker / MITRE-ATTACK-Enterprise-Matrix-in-Excel-for-SOC
  The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…
  ☆28Updated 7 months ago
• TheHive-Project / Docker-Templates
  Docker configurations for TheHive, Cortex and 3rd party tools
  ☆126Updated 2 years ago
• dariommr / scripts
  Personal scripts
  ☆15Updated 11 months ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆112Updated 2 years ago
• corelight / threat-hunting-guide
  ☆52Updated 3 years ago
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆97Updated last year
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆68Updated 4 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated last year
• juaromu / wazuh-domain-stats-alienvault
  ☆16Updated 3 years ago
• elysiumsecurityltd / IRM
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆24Updated 3 years ago
• Mikoyan-Dee / CrowdStrike-Queries
  CrowdStrike Falcon Queries For Advanced Threat Detection
  ☆22Updated 5 months ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆48Updated 2 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 8 months ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆72Updated 2 years ago
• jasonsford / IPScraper
  This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…
  ☆18Updated 5 months ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆56Updated 5 months ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆42Updated last year
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆91Updated 4 years ago
• SecurityBagel / VulnBagel
  A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis
  ☆24Updated 6 months ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆57Updated 3 years ago
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆35Updated 3 years ago
• edelucia / rules
  Cyber Threats Detection Rules
  ☆14Updated 2 months ago