Alternatives and similar repositories for T3SF

Users that are interested in T3SF are comparing it to the libraries listed below

• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆49Updated last year
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• kaansk / shomon
  Shodan Monitoring integration for TheHive.
  ☆131Updated 11 months ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆35Updated 3 years ago
• ail-project / ail-training
  AIL project training materials
  ☆38Updated 4 months ago
• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆49Updated 2 years ago
• center-for-threat-informed-defense / caldera_pathfinder
  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…
  ☆126Updated 7 months ago
• svdwi / BlueBox
  BlueBox Malware analysis Box and Cyber threat intelligence.
  ☆43Updated 3 years ago
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆70Updated 5 years ago
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆40Updated 7 months ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 4 years ago
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆52Updated 2 years ago
• muchdogesec / ctibutler
  A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS...
  ☆17Updated last week
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 5 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆24Updated 3 years ago
• davidonzo / apiosintDS
  On demand query API for https://github.com/davidonzo/Threat-Intel project.
  ☆58Updated last year
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated this week
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆35Updated 3 years ago
• gertjanbruggink / presentations
  This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…
  ☆17Updated 9 months ago
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆115Updated 4 years ago
• juaromu / wazuh
  ☆19Updated 4 years ago
• typosquatter / ail-typo-website
  Website for ail-typo-squatting library
  ☆66Updated last month
• SecurityBagel / VulnBagel
  A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis
  ☆24Updated 9 months ago
• NVISOsecurity / nviso-cti
  ☆44Updated 4 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆75Updated 11 months ago
• M3NIX / sigmaio
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆51Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated last year
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆42Updated 11 months ago
• mitre / training
  A CALDERA plugin
  ☆26Updated 2 weeks ago
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆42Updated 2 weeks ago