Alternatives and similar repositories for python-maec

Users that are interested in python-maec are comparing it to the libraries listed below

• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆52Updated last week
• cmu-sei / cyobstract
  A tool to extract structured cyber information from incident reports.
  ☆82Updated 7 years ago
• MISP / misp-objects
  Definition, description and relationship types of MISP objects
  ☆103Updated this week
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 5 years ago
• CybOXProject / python-cybox
  A Python library for parsing, manipulating, and generating CybOX content.
  ☆79Updated 5 years ago
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated 2 years ago
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆52Updated last year
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆46Updated 3 years ago
• mitre / stix2patterns_translator
  Translate STIX 2 Patterning Queries
  ☆31Updated 7 years ago
• idaholab / STIG
  Structured Threat Intelligence Graph
  ☆97Updated last month
• stratosphereips / whois-similarity-distance
  This python scripts can calculate the WHOIS Similarity Distance between two given domains.
  ☆29Updated 2 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆42Updated 2 years ago
• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆82Updated 8 months ago
• MISP / MISP-STIX-Converter
  A utility repo to assist with converting between MISP and STIX formats
  ☆69Updated 4 years ago
• DCSO / MISP-dockerized
  ☆34Updated 5 years ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆103Updated 4 months ago
• STIXProject / openioc-to-stix
  Generate STIX XML from OpenIOC XML
  ☆93Updated 7 years ago
• certtools / malware_name_mapping
  A mapping of used malware names to commonly known family names
  ☆62Updated 2 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 5 years ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Updated 4 years ago
• SuperCowPowers / old-workbench-archived
  Workbench: A scalable python framework for security research and development teams.
  ☆92Updated 6 years ago
• abusesa / abusehelper
  A framework for receiving and redistributing abuse feeds
  ☆124Updated 6 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆37Updated 2 years ago
• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 7 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆34Updated this week
• enisaeu / Reference-Security-Incident-Taxonomy-Task-Force
  This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
  ☆70Updated 7 months ago
• DevoInc / sightingdb
  Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen
  ☆16Updated last year
• tenable / yara-rules
  Repository of yara rules
  ☆60Updated 2 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated 2 years ago
• silascutler / MalPipe
  Malware/IOC ingestion and processing engine
  ☆107Updated 7 years ago