MAECProject / python-maec

Related projects ⓘ

Alternatives and complementary repositories for python-maec

• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆46Updated last month
• MISP / MISP-STIX-Converter
  A utility repo to assist with converting between MISP and STIX formats
  ☆64Updated 3 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated last year
• CybOXProject / python-cybox
  A Python library for parsing, manipulating, and generating CybOX content.
  ☆77Updated 4 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆31Updated last week
• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆76Updated 3 weeks ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆34Updated last year
• LiamRandall / bro-scripts
  Bro scripts to be shared with the community
  ☆109Updated 11 years ago
• MISP / PyTaxonomies
  Python module to use the MISP Taxonomies
  ☆29Updated 2 months ago
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated last year
• stratosphereips / whois-similarity-distance
  This python scripts can calculate the WHOIS Similarity Distance between two given domains.
  ☆30Updated last year
• rkovar / dns_detection
  Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration
  ☆35Updated 9 years ago
• silascutler / MalPipe
  Malware/IOC ingestion and processing engine
  ☆103Updated 6 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• abusesa / abusehelper
  A framework for receiving and redistributing abuse feeds
  ☆118Updated 5 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 6 years ago
• LiamRandall / BroMalware-Exercise
  ☆85Updated 11 years ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆52Updated 3 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆68Updated 4 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• oasis-open / cti-training
  OASIS TC Open Repository: Providing a collection of CTI-related training materials
  ☆47Updated 2 years ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆96Updated 5 months ago
• MISP / misp-objects
  Definition, description and relationship types of MISP objects
  ☆91Updated last week
• PaloAltoNetworks / ioc-parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆72Updated 5 months ago
• MISP / PyMISPGalaxies
  Pythonic way to work with the galaxies defined there: https://github.com/MISP/misp-galaxy
  ☆19Updated this week
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆83Updated 5 years ago
• aboutsecurity / Bro-samples
  Network Forensics Bro scripts & pcap samples
  ☆62Updated 10 years ago
• MITRECND / yaraprocessor
  Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.
  ☆97Updated 10 years ago