Alternatives and similar repositories for mist:

Users that are interested in mist are comparing it to the libraries listed below

• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆27Updated 7 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• D4-project / d4-core
  D4 core software (server and sample sensor client)
  ☆42Updated last year
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• MattCarothers / uhp
  Universal Honey Pot
  ☆29Updated 2 years ago
• corelight / zerologon
  Zeek package to detect Zerologon
  ☆11Updated 3 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆35Updated 5 years ago
• IntegralDefense / ACE
  Analysis Correlation Engine
  ☆26Updated 5 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆59Updated last year
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆20Updated 2 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated last year
• MISP / misp-compliance
  Legal, procedural and policies document templates for operating MISP and information sharing communities
  ☆38Updated 2 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 10 months ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• nogoodconfig / pyarascanner
  A simple many-rules to many-files YARA scanner for incident response or malware zoos.
  ☆26Updated 6 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆38Updated 6 months ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 2 years ago
• CaliDog / tachikoma
  Tachikoma is a security alerting framework for human beings
  ☆22Updated 6 years ago
• target / attack-navigator-docker
  A simple Docker container that serves the MITRE ATT&CK Navigator web app
  ☆27Updated 2 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 3 months ago
• abhinavbom / clara
  Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  ☆31Updated 11 months ago
• da667 / Autosuricata
  first commit
  ☆20Updated last year
• ThreatResponse / aws_ir_plugins
  Core incident handling plugins for aws_ir cli, incident pony, and more.
  ☆21Updated 6 years ago
• CIRCL / pystemon
  Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
  ☆44Updated 4 years ago
• c2defense / windows-event-collection
  Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model
  ☆12Updated 4 years ago