Alternatives and similar repositories for assemblyline-base

Users that are interested in assemblyline-base are comparing it to the libraries listed below

• telekom-security / malware_analysis
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆119Updated 2 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆114Updated 7 months ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated last week
• target / halogen
  Automatically create YARA rules from malicious documents.
  ☆212Updated 3 years ago
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆91Updated 11 months ago
• W3ndige / aurora
  Malware similarity platform with modularity in mind.
  ☆79Updated 4 years ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆88Updated last week
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 5 years ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Updated 3 years ago
• 3c7 / yaramanager
  Simple yara rule manager
  ☆66Updated 3 years ago
• MITRECND / malchive
  Various capabilities for static malware analysis.
  ☆79Updated last year
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆131Updated last year
• JPCERTCC / jpcert-yara
  JPCERT/CC public YARA rules repository
  ☆110Updated last month
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆107Updated 8 months ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆98Updated 2 years ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆109Updated last year
• tap-ir / tapir
  TAPIR is a multi-user, client/server, incident response framework
  ☆48Updated 3 years ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆133Updated 3 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆75Updated last year
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆106Updated last year
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Updated 3 years ago
• CybercentreCanada / assemblyline_client
  Python client for Assemblyline 3 and 4 / Client python pour AssemblyLine 3 and 4
  ☆23Updated last week
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆61Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• hatching / triage
  Hatching Triage public command-line utility and API library.
  ☆74Updated 2 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆136Updated last year
• fireeye / HXTool
  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic…
  ☆84Updated last year
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆147Updated 2 years ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆91Updated last year
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆150Updated 3 months ago