Alternatives and similar repositories for flubot:

Users that are interested in flubot are comparing it to the libraries listed below

• covert-labs / mx-intel
  Jupyter Notebooks and code used for DNS MX mining to identify top email security providers
  ☆54Updated last year
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• mandiant / ioc-scanner-CVE-2019-19781
  Indicator of Compromise Scanner for CVE-2019-19781
  ☆94Updated 5 years ago
• CIRCL / forensic-tools
  CIRCL system forensic tools or a jumble of tools to support forensic
  ☆42Updated 2 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated 2 years ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆24Updated 4 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆26Updated 5 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• cocaman / urlhaus
  ☆29Updated 7 years ago
• kulinacs / cowrie-attack
  Mapping the ATT&CK matrix in a Cowrie honeypot
  ☆16Updated 6 years ago
• EmergingThreats / log4shell-detection
  ☆12Updated 3 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated last year
• D4-project / BGP-Ranking
  BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)
  ☆72Updated 10 months ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• nccgroup / KilledProcessCanary
  A canary designed to minimize the impact from certain Ransomware actors
  ☆98Updated 4 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 3 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆30Updated last month
• SentineLabs / log4j_response
  ☆15Updated 3 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 3 years ago
• nccgroup / yaml2yara
  Generate bulk YARA rules from YAML input
  ☆22Updated 5 years ago
• telekom-security / misp-warning-lists
  ☆28Updated this week
• notx11 / urlScan2Hive
  Triage automation for suspect URLs
  ☆13Updated 5 years ago
• Hestat / blazescan
  Blazescan is a linux webserver malware scanning and incident response tool, with built in support for cPanel servers, but will run on any…
  ☆60Updated 6 years ago
• singe / yellow
  A simple binary wrapper for DNS canarytokens.
  ☆25Updated 2 years ago
• DCSO / Blog_CyTec
  Repository to provide files related to our blog articles.
  ☆16Updated last year
• Kathayra / threathuntingmaturitymodel
  Build your own threat hunting maturity model
  ☆11Updated 7 years ago
• ciscocsirt / dhp
  Simple Docker Honeypot server emulating small snippets of the Docker HTTP API
  ☆30Updated 4 years ago
• jeFF0Falltrades / IoCs
  A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
  ☆29Updated 4 years ago