Alternatives and similar repositories for elasticsearch-yara

Users that are interested in elasticsearch-yara are comparing it to the libraries listed below

• xme / misp-docker
  Docker container for MISP
  ☆96Updated 7 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 8 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 5 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 4 years ago
• STIXProject / openioc-to-stix
  Generate STIX XML from OpenIOC XML
  ☆94Updated 7 years ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆113Updated last month
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆71Updated 8 years ago
• kx499-zz / ostip
  ☆29Updated 8 years ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 3 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Updated 7 years ago
• Nclose-ZA / elastalert_hive_alerter
  This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
  ☆27Updated 4 years ago
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated 2 years ago
• rocknsm / rock-dashboards
  Dashboards and loader for ROCK NSM dashboards
  ☆49Updated 2 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 6 years ago
• CheckPointSW / Cuckoo-AWS
  Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…
  ☆135Updated 3 years ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆93Updated 7 years ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆66Updated last month
• DCSO / MISP-dockerized
  ☆34Updated 5 years ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆197Updated 7 years ago
• carbonblack / cb-taxii-connector
  Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.
  ☆15Updated 3 years ago
• YahooArchive / PyIOCe
  Python IOC Editor
  ☆65Updated 10 years ago
• williballenthin / process-forest
  Reconstruct process trees from event logs
  ☆147Updated 5 years ago
• dgunter / evtxtoelk
  A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
  ☆119Updated 5 years ago
• giMini / NOAH
  PowerShell No Agent Hunting
  ☆111Updated 7 years ago
• mgreen27 / Invoke-LiveResponse
  Invoke-LiveResponse
  ☆150Updated 3 years ago
• certsocietegenerale / event2timeline
  Simple Microsoft Windows sessions event logs visualization
  ☆156Updated 3 years ago
• bromiley / tools
  Various tools and scripts
  ☆43Updated 3 years ago
• kevthehermit / YaraRules
  My Yara Rules Collection
  ☆53Updated 10 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆92Updated 8 years ago
• carbonblack / cb-yara-connector
  Analyze binaries collected in VMware Carbon Black EDR against Yara rules.
  ☆38Updated 3 years ago