Alternatives and similar repositories for assemblyline

Users that are interested in assemblyline are comparing it to the libraries listed below

• CybercentreCanada / assemblyline4_docs

  View on GitHub
  AssemblyLine4 documentation
  ☆28Jan 30, 2026Updated 2 weeks ago
• CybercentreCanada / assemblyline-base

  View on GitHub
  Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)
  ☆71Updated this week
• CybercentreCanada / assemblyline-ui

  View on GitHub
  Web interface and APIs for Assemblyline 4
  ☆20Updated this week
• CybercentreCanada / CCCS-Yara

  View on GitHub
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆114Updated this week
• CERT-Polska / mwdb-core

  View on GitHub
  Malware repository component for samples & static configuration with REST API interface.
  ☆373Feb 6, 2026Updated last week
• CybercentreCanada / assemblyline_client

  View on GitHub
  Python client for Assemblyline 3 and 4 / Client python pour AssemblyLine 3 and 4
  ☆23Dec 18, 2025Updated last month
• CybercentreCanada / assemblyline-core

  View on GitHub
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated this week
• kevoreilly / CAPEv2

  View on GitHub
  Malware Configuration And Payload Extraction
  ☆2,991Feb 6, 2026Updated last week
• CybercentreCanada / assemblyline-v4-service

  View on GitHub
  Base service class from Assemblyline 4
  ☆15Updated this week
• CERT-Polska / drakvuf-sandbox

  View on GitHub
  DRAKVUF Sandbox - automated hypervisor-level malware analysis system
  ☆1,263Updated this week
• CybercentreCanada / assemblyline-docker-compose

  View on GitHub
  Docker compose Assemblyline 4 deployment (appliance and development)
  ☆17Feb 6, 2026Updated last week
• target / strelka

  View on GitHub
  Real-time, container-based file scanning at enterprise scale
  ☆974Updated this week
• W3ndige / aurora

  View on GitHub
  Malware similarity platform with modularity in mind.
  ☆80Jul 18, 2021Updated 4 years ago
• hm-seclab / YAFRA

  View on GitHub
  YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
  ☆27Dec 14, 2021Updated 4 years ago
• salesforce / multithreaded-exfil-detection

  View on GitHub
  A simple way of detecting multithreaded exfiltration in Zeek.
  ☆15May 1, 2025Updated 9 months ago
• CERT-Polska / karton

  View on GitHub
  Distributed malware processing framework based on Python, Redis and S3.
  ☆462Dec 1, 2025Updated 2 months ago
• CybercentreCanada / assemblyline-service-cuckoo

  View on GitHub
  Assemblyline 4 Malware detonation service (Cuckoo)
  ☆17Feb 12, 2024Updated 2 years ago
• threathunters-io / laurel

  View on GitHub
  Transform Linux Audit logs for SIEM usage
  ☆811Dec 18, 2025Updated last month
• EXC3L-ONE / awesome-synapse

  View on GitHub
  List of Awesome Vertex Synapse Resources
  ☆28Aug 6, 2024Updated last year
• ail-project / ail-yara-rules

  View on GitHub
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆41Jan 31, 2025Updated last year
• farsightsec / dnsdbflex

  View on GitHub
  command line tool to use the DNSDB Flexible Search API extensions.
  ☆16Aug 5, 2024Updated last year
• cudeso / dfir-iris-misp-timesketch

  View on GitHub
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆34Feb 2, 2022Updated 4 years ago
• CyCat-project / cycat-taxonomy

  View on GitHub
  CyCAT.org taxonomies
  ☆15May 22, 2021Updated 4 years ago
• pandora-analysis / pandora

  View on GitHub
  Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results
  ☆278Updated this week
• MISP / misp-training-lea

  View on GitHub
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆35Sep 18, 2023Updated 2 years ago
• kacos2000 / Evtx_Log_Browser

  View on GitHub
  Evtx Log (xml) Browser
  ☆57Mar 12, 2023Updated 2 years ago
• fox-it / dissect

  View on GitHub
  Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts…
  ☆1,072Nov 25, 2025Updated 2 months ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆778Feb 6, 2026Updated last week
• hashlookup / hashlookup-forensic-analyser

  View on GitHub
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆128Sep 24, 2023Updated 2 years ago
• fox-it / acquire

  View on GitHub
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆117Jan 16, 2026Updated 3 weeks ago
• DFIR-ORC / dfir-orc

  View on GitHub
  Forensics artefact collection tool for systems running Microsoft Windows
  ☆431Mar 26, 2025Updated 10 months ago
• aff4 / Standard

  View on GitHub
  AFF4 Standard Documents
  ☆29Feb 4, 2022Updated 4 years ago
• log2timeline / dftimewolf

  View on GitHub
  A framework for orchestrating forensic collection, processing and data export
  ☆341Jan 28, 2026Updated 2 weeks ago
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,813Feb 5, 2026Updated last week
• ail-project / ail-feeder-twitter

  View on GitHub
  External twitter feeder for AIL framework
  ☆16Apr 16, 2023Updated 2 years ago
• blueteam0ps / det-eng-samples

  View on GitHub
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆23Oct 9, 2024Updated last year
• mandiant / capa-rules

  View on GitHub
  Standard collection of rules for capa: the tool for enumerating the capabilities of programs
  ☆685Jan 30, 2026Updated 2 weeks ago
• flowintel / flowintel

  View on GitHub
  An open source platform to support analysts to organise their case and tasks
  ☆123Feb 5, 2026Updated last week
• BushidoUK / Abused-Legitimate-Services

  View on GitHub
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Oct 28, 2022Updated 3 years ago