Alternatives and similar repositories for python-maec

Users that are interested in python-maec are comparing it to the libraries listed below

• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆53Updated last month
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆52Updated last year
• mitre / stix2patterns_translator
  Translate STIX 2 Patterning Queries
  ☆31Updated 7 years ago
• MISP / MISP-STIX-Converter
  A utility repo to assist with converting between MISP and STIX formats
  ☆69Updated 5 years ago
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated 2 years ago
• STIXProject / openioc-to-stix
  Generate STIX XML from OpenIOC XML
  ☆94Updated 7 years ago
• cmu-sei / cyobstract
  A tool to extract structured cyber information from incident reports.
  ☆82Updated 7 years ago
• CybOXProject / python-cybox
  A Python library for parsing, manipulating, and generating CybOX content.
  ☆80Updated 5 years ago
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆46Updated 3 years ago
• MISP / misp-objects
  Definition, description and relationship types of MISP objects
  ☆104Updated this week
• DCSO / MISP-dockerized
  ☆34Updated 5 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 5 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 5 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 7 years ago
• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆82Updated last month
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆42Updated 2 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆92Updated 8 years ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Updated 4 years ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆53Updated 4 years ago
• MISP / MISP-Taxii-Server
  An OpenTAXII Configuration for MISP
  ☆87Updated 3 years ago
• LiamRandall / BroMalware-Exercise
  ☆85Updated 12 years ago
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆295Updated 4 years ago
• certtools / malware_name_mapping
  A mapping of used malware names to commonly known family names
  ☆62Updated 2 years ago
• sroberts / jager
  Hunting IOCs all day every day...
  ☆87Updated 2 years ago
• eclecticiq / cabby
  TAXII client implementation from EclecticIQ
  ☆104Updated 4 years ago
• tribalchicken / postfix-cuckoolyse
  A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox
  ☆11Updated 9 years ago
• rkovar / dns_detection
  Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration
  ☆36Updated 10 years ago
• abusesa / abusehelper
  A framework for receiving and redistributing abuse feeds
  ☆125Updated 6 years ago
• stratosphereips / whois-similarity-distance
  This python scripts can calculate the WHOIS Similarity Distance between two given domains.
  ☆29Updated 3 years ago
• oasis-open / cti-documentation
  OASIS TC Open Repository: GitHub Pages site for STIX and TAXII
  ☆105Updated 2 months ago