Alternatives and similar repositories for flubot

Users that are interested in flubot are comparing it to the libraries listed below

• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 5 years ago
• covert-labs / mx-intel
  Jupyter Notebooks and code used for DNS MX mining to identify top email security providers
  ☆57Updated 2 years ago
• ninoseki / ioc-extractor
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆59Updated 3 months ago
• rkovar / sunburstlookups
  Quick lookup files for SUNBURST Backdoor
  ☆12Updated 5 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Updated 4 years ago
• clausing / scripts
  ☆78Updated 2 weeks ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated 2 years ago
• enisaeu / Reference-Security-Incident-Taxonomy-Task-Force
  This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
  ☆74Updated 9 months ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 4 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆38Updated 4 years ago
• SteveD3 / kit_hunter
  A basic phishing kit scanner for dedicated and semi-dedicated hosting
  ☆109Updated 3 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆56Updated 5 years ago
• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆36Updated last year
• cudeso / tools
  Different tools, koen.vanimpe@cudeso.be
  ☆137Updated 6 months ago
• c-APT-ure / my-public-stuff
  repo for sharing stuff
  ☆17Updated 6 months ago
• weslambert / securityonion-strelka
  ☆13Updated 6 years ago
• cocaman / yara-scan-service
  Repository for scripts and tips for "Yara Scan Service"
  ☆20Updated 2 years ago
• MISP / misp-sighting-server
  MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…
  ☆15Updated 2 years ago
• mandiant / ioc-scanner-CVE-2019-19781
  Indicator of Compromise Scanner for CVE-2019-19781
  ☆94Updated 5 years ago
• redcanaryco / vscode-attack
  Visual Studio Code extension for MITRE ATT&CK
  ☆55Updated last year
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 3 years ago
• ninoseki / iocingestor
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆33Updated last year
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated 2 years ago
• MarkBaggett / GeoLocationNotebook
  ☆39Updated 5 years ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆39Updated 4 months ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Updated 3 weeks ago
• MISP / intelligence-icons
  intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…
  ☆41Updated 6 years ago
• D4-project / BGP-Ranking
  BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)
  ☆77Updated 3 weeks ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆46Updated 4 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 4 years ago