Alternatives and similar repositories for cti-toolkit

Users that are interested in cti-toolkit are comparing it to the libraries listed below

• redhuntlabs / Maltego-Scripts
  ☆33Updated 4 months ago
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• BushidoUK / Malware-Zoo
  Hashes of infamous malware
  ☆26Updated last year
• dhoelzer / Silky
  Web interface for monitoring and interacting with Netflow data stored in Silk repositories.
  ☆13Updated 6 years ago
• JacobPimental / gunslinger
  Gunslinger is used to hunt for Magecart sites using URLScan's API
  ☆31Updated 3 years ago
• HarmJ0y / PowerShellArsenal
  A PowerShell Module Dedicated to Reverse Engineering
  ☆14Updated 5 years ago
• qeeqbox / octopus
  Pure Honeypots with an automated bash script
  ☆20Updated 3 years ago
• DefensiveOrigins / APT-Lab-FastOpticsSetup
  Scripts to threat optics stack quickly / abbreviated and automated. Run after APT-Lab-Terraform
  ☆13Updated 4 years ago
• trustedsec / RisingSun
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆10Updated 4 years ago
• ninoseki / iocingestor
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆33Updated last year
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆24Updated 8 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 8 years ago
• khast3x / LeakLooker
  Find open databases - Powered by Binaryedge.io
  ☆15Updated 5 years ago
• jalewis / actortrackr
  Home to the ActorTrackr source code
  ☆29Updated 7 years ago
• 0sm0s1z / Tiberium
  ☆21Updated 2 years ago
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 2 years ago
• mdsecactivebreach / LyncSniper
  LyncSniper: A tool for penetration testing Skype for Business and Lync deployments
  ☆9Updated 8 years ago
• EC-DIGIT-CSIRC / credentialLeakDB
  A database for storing, querying and doing stats on credential leaks
  ☆38Updated 2 years ago
• 00gxd14g / misp-extractor
  This is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, a…
  ☆16Updated 2 years ago
• mandiant / DFUR-Splunk-App
  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.
  ☆12Updated 4 years ago
• NoDataFound / RiskIQ.SunBurst.Hunter
  The Purpose of this research tool is to provide a Python client into RiskIQ API services.
  ☆22Updated 4 years ago
• mdsecactivebreach / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆14Updated 7 years ago
• rshipp / ir-triage-toolkit
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆17Updated 4 years ago
• khast3x / CloudScraper
  CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
  ☆12Updated 6 years ago
• phainlen / DNS-Hunting
  Use DNS to hunt for threats including DGAs
  ☆15Updated 9 years ago
• jymcheong / aptc
  Automated Payload Test Controller
  ☆10Updated 7 years ago
• DefensiveOrigins / LABPACK
  Various components we use in labs
  ☆10Updated 4 years ago
• sectool / Python-Pentest-ToolKit
  Pentest ToolKit
  ☆28Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago