Alternatives and similar repositories for n6

Users that are interested in n6 are comparing it to the libraries listed below

• certtools / contactdb

  View on GitHub
  The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams
  ☆37Jan 21, 2022Updated 4 years ago
• flowintel / cocktailparty

  View on GitHub
  CocktailParty is a data broker system based on phoenix framework
  ☆23Apr 23, 2025Updated 9 months ago
• csirt-tooling-org / csirt-tooling-best-practices

  View on GitHub
  CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
  ☆16Jun 20, 2022Updated 3 years ago
• mohlcyber / MISP-MVISION-EDR

  View on GitHub
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Mar 14, 2022Updated 3 years ago
• CERT-Polska / mquery

  View on GitHub
  YARA malware query accelerator (web frontend)
  ☆437Feb 3, 2026Updated last week
• opensourcesec / CIRTKit

  View on GitHub
  Tools for the Computer Incident Response Team
  ☆150Apr 17, 2017Updated 8 years ago
• CERT-Polska / mwdblib

  View on GitHub
  Client library for the mwdb service by CERT Polska.
  ☆42Sep 25, 2025Updated 4 months ago
• MISP / misp-workbench

  View on GitHub
  MISP Workbench
  ☆28Oct 19, 2016Updated 9 years ago
• CERT-Polska / mwdb-core

  View on GitHub
  Malware repository component for samples & static configuration with REST API interface.
  ☆373Feb 6, 2026Updated last week
• S03D4-164 / Hiryu

  View on GitHub
  IOC Management and Visualization Tool
  ☆48Dec 8, 2022Updated 3 years ago
• certtools / intelmq

  View on GitHub
  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
  ☆1,106Dec 2, 2025Updated 2 months ago
• runZeroInc / recog

  View on GitHub
  Pattern recognition for hosts, services, and content
  ☆14Aug 19, 2022Updated 3 years ago
• n0dec / MalwLess

  View on GitHub
  Test Blue Team detections without running any attack.
  ☆272May 2, 2024Updated last year
• adulau / threat-intelligence.eu

  View on GitHub
  threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…
  ☆49Nov 3, 2025Updated 3 months ago
• CERT-Polska / ursadb

  View on GitHub
  Trigram database written in C++, suited for malware indexing
  ☆130Jan 26, 2026Updated 2 weeks ago
• MISP / misp-dashboard

  View on GitHub
  A live dashboard for a real-time overview of threat intelligence from MISP instances
  ☆206Jul 10, 2023Updated 2 years ago
• conix-security / BTG

  View on GitHub
  BTG's purpose is to make fast and efficient search on IOC
  ☆71Nov 27, 2018Updated 7 years ago
• Concinnity-Risks / LogisticalBudget

  View on GitHub
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Feb 27, 2019Updated 6 years ago
• abusesa / abusehelper

  View on GitHub
  A framework for receiving and redistributing abuse feeds
  ☆125Sep 27, 2019Updated 6 years ago
• CERT-Polska / karton

  View on GitHub
  Distributed malware processing framework based on Python, Redis and S3.
  ☆462Dec 1, 2025Updated 2 months ago
• AlienVault-OTX / yabin

  View on GitHub
  A Yara rule generator for finding related samples and hunting
  ☆162Sep 11, 2022Updated 3 years ago
• mohlcyber / OpenDXL-MISP-IntelMQ-Output

  View on GitHub
  Automated OpenDXL Output information via IntelMQ
  ☆14Jul 20, 2017Updated 8 years ago
• COSSAS / sacti

  View on GitHub
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆14Oct 24, 2022Updated 3 years ago
• yeti-platform / yeti

  View on GitHub
  Your Everyday Threat Intelligence
  ☆1,949Updated this week
• certtools / malware_name_mapping

  View on GitHub
  A mapping of used malware names to commonly known family names
  ☆62Feb 21, 2023Updated 2 years ago
• cert-se / megatron-java

  View on GitHub
  Megatron - A System for Abuse- and Incident Handling
  ☆45Mar 29, 2017Updated 8 years ago
• 3c7 / common-osint-model

  View on GitHub
  Converting data from services like Censys and Shodan to a common data model
  ☆51Updated this week
• DearBytes / Opensource-Endpoint-Monitoring

  View on GitHub
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆35Jul 8, 2019Updated 6 years ago
• ANSSI-FR / polichombr

  View on GitHub
  Collaborative malware analysis framework
  ☆380Jan 22, 2019Updated 7 years ago
• ntddk / virustream

  View on GitHub
  A script to track malware IOCs with OSINT on Twitter.
  ☆54May 3, 2024Updated last year
• sebdraven / hack_lu_2017

  View on GitHub
  Python and Machine Learning Workshop at Hack.lu 2017
  ☆82May 18, 2018Updated 7 years ago
• ciscocsirt / GOSINT

  View on GitHub
  The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
  ☆554May 9, 2023Updated 2 years ago
• egaus / malicious_url_analysis

  View on GitHub
  ☆18Jun 8, 2018Updated 7 years ago
• mvelazc0 / Oriana

  View on GitHub
  Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…
  ☆177Jun 10, 2021Updated 4 years ago
• SupportIntelligence / Icewater

  View on GitHub
  16,432 Free Yara rules created by
  ☆390Jun 1, 2019Updated 6 years ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,006May 25, 2022Updated 3 years ago
• csirtgadgets / bearded-avenger

  View on GitHub
  CIF v3 -- the fastest way to consume threat intelligence
  ☆183Apr 20, 2023Updated 2 years ago
• tylabs / dovehawk

  View on GitHub
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Jul 12, 2021Updated 4 years ago
• PUNCH-Cyber / stoq-plugins-public

  View on GitHub
  stoQ Public Plugins
  ☆71Feb 27, 2023Updated 2 years ago