Alternatives and similar repositories for flubot

Users that are interested in flubot are comparing it to the libraries listed below

• covert-labs / mx-intel
  Jupyter Notebooks and code used for DNS MX mining to identify top email security providers
  ☆57Updated 2 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 5 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• redcanaryco / vscode-attack
  Visual Studio Code extension for MITRE ATT&CK
  ☆55Updated last year
• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Updated 3 years ago
• nesfit / NetfoxDetective
  Network Forensic Extendable Analysis Tool
  ☆39Updated 3 years ago
• rkovar / sunburstlookups
  Quick lookup files for SUNBURST Backdoor
  ☆12Updated 5 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆27Updated 6 years ago
• MISP / misp-sighting-server
  MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…
  ☆15Updated 2 years ago
• 2igosha / sunburst_dga
  ☆22Updated 5 years ago
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated 2 years ago
• CIRCL / forensic-tools
  CIRCL system forensic tools or a jumble of tools to support forensic
  ☆41Updated 2 years ago
• MISP / misp-takedown
  A curses-style interface for automatic takedown notification based on MISP events.
  ☆20Updated 5 years ago
• mnemonic-no / SNIcat
  SNIcat
  ☆128Updated 4 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 3 years ago
• singe / yellow
  A simple binary wrapper for DNS canarytokens.
  ☆25Updated 3 years ago
• farsightsec / dnsdbflex
  command line tool to use the DNSDB Flexible Search API extensions.
  ☆16Updated last year
• SteveD3 / kit_hunter
  A basic phishing kit scanner for dedicated and semi-dedicated hosting
  ☆109Updated 3 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆38Updated 4 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 4 years ago
• f5devcentral / cve-2020-5902-ioc-bigip-checker
  ☆17Updated 5 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆45Updated 4 years ago
• mandiant / ioc-scanner-CVE-2019-19781
  Indicator of Compromise Scanner for CVE-2019-19781
  ☆94Updated 5 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 3 years ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 10 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Updated this week
• SentineLabs / log4j_response
  ☆15Updated 4 years ago
• ninoseki / ioc-extractor
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆58Updated 3 months ago
• eCrimeLabs / cratos-fastapi
  The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…
  ☆13Updated 3 months ago
• cocaman / yara-scan-service
  Repository for scripts and tips for "Yara Scan Service"
  ☆20Updated 2 years ago