OTRF/OSSEM-DD external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

OTRF/OSSEM-DD

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/OTRF/OSSEM-DD)

Close

OTRF / OSSEM-DDView on GitHubMore

• External links
• Readme badge

OSSEM Data Dictionaries

☆67Jan 22, 2025Updated last year

Alternatives and similar repositories for OSSEM-DD

Users that are interested in OSSEM-DD are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• OTRF / OSSEM-CDM

  View on GitHub
  OSSEM Common Data Model
  ☆56Sep 20, 2022Updated 3 years ago
• OTRF / OSSEM-DM

  View on GitHub
  OSSEM Detection Model
  ☆184Oct 11, 2022Updated 3 years ago
• secgroundzero / ossem_modular

  View on GitHub
  OSSEM Modular
  ☆27Jun 29, 2020Updated 5 years ago
• corelight / zeek2es

  View on GitHub
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆40Aug 18, 2022Updated 3 years ago
• microsoft / ASDET

  View on GitHub
  ☆18Sep 3, 2021Updated 4 years ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• OTRF / sigma

  View on GitHub
  Generic Signature Format for SIEM Systems
  ☆14Oct 27, 2021Updated 4 years ago
• OTRF / OSSEM

  View on GitHub
  Open Source Security Events Metadata (OSSEM)
  ☆1,298Feb 27, 2023Updated 3 years ago
• corelight / ecs-mapping

  View on GitHub
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33May 23, 2026Updated 3 weeks ago
• olafhartong / detection-sources

  View on GitHub
  ☆53Mar 4, 2019Updated 7 years ago
• corelight / json-streaming-logs

  View on GitHub
  Zeek package to create JSON formatted logs to stream into data analysis systems.
  ☆31Dec 3, 2025Updated 6 months ago
• cdefid / TheHiveIRPlaybook

  View on GitHub
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Jul 13, 2020Updated 5 years ago
• matthieugras / timeline-downloader

  View on GitHub
  ☆84Feb 4, 2026Updated 4 months ago
• center-for-threat-informed-defense / attack-powered-suit

  View on GitHub
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆83Apr 29, 2026Updated last month
• corelight / zeek-community-id

  View on GitHub
  Zeek support for Community ID flow hashing.
  ☆37Jul 11, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• OTRF / Microsoft-Sentinel2Go

  View on GitHub
  Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
  ☆594Jan 22, 2025Updated last year
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,771Mar 20, 2024Updated 2 years ago
• ocsf / ocsf-validator

  View on GitHub
  OCSF Schema Validation
  ☆12May 4, 2026Updated last month
• corelight / Elasticsearch_rules

  View on GitHub
  Elastic version of SOC prime watcher rules
  ☆30Oct 14, 2024Updated last year
• MHaggis / CBR-Queries

  View on GitHub
  Collection of useful, up to date, Carbon Black Response Queries
  ☆86Oct 23, 2020Updated 5 years ago
• corelight / ecs-logstash-mappings

  View on GitHub
  Mapping Corelight or Zeek data to Elastic Common Schema logs
  ☆11May 21, 2026Updated 3 weeks ago
• carbonblack / cb-yara-connector

  View on GitHub
  Analyze binaries collected in VMware Carbon Black EDR against Yara rules.
  ☆39Feb 23, 2026Updated 3 months ago
• botherder / go-autoruns

  View on GitHub
  Collect autorun records from running system
  ☆62Jan 21, 2022Updated 4 years ago
• hailehong95 / practice-maldev

  View on GitHub
  Common Malware Techniques
  ☆13Mar 26, 2023Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• OTRF / Blacksmith

  View on GitHub
  Building environments to replicate small networks and deploy applications
  ☆335Jan 9, 2026Updated 5 months ago
• CIRCL / factual-rules-generator

  View on GitHub
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆75Jan 18, 2022Updated 4 years ago
• mitre-attack / attack-datasources

  View on GitHub
  This content is analysis and research of the data sources currently listed in ATT&CK.
  ☆413Sep 13, 2023Updated 2 years ago
• malice-plugins / get-mauled

  View on GitHub
  Download a Bunch of Malware for Demos and Testing
  ☆13Sep 28, 2018Updated 7 years ago
• SecureHats / validate-detections

  View on GitHub
  GitHub action for validating Microsoft Sentinel detection rules
  ☆14May 22, 2023Updated 3 years ago
• threathunters-io / QLOG

  View on GitHub
  Windows Security Logging
  ☆43Jul 17, 2022Updated 3 years ago
• microsoft / msticpy

  View on GitHub
  Microsoft Threat Intelligence Security Tools
  ☆1,974Jun 8, 2026Updated last week
• darkquasar / AIMOD2

  View on GitHub
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆90Sep 16, 2023Updated 2 years ago
• FalconForceTeam / FalconForge

  View on GitHub
  This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…
  ☆17Mar 10, 2023Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆656Jun 19, 2024Updated last year
• microsoft / msticnb

  View on GitHub
  MSTIC Notebook Components
  ☆35Sep 4, 2025Updated 9 months ago
• KC7-Foundation / kc7

  View on GitHub
  A cybersecurity game in Azure Data Explorer
  ☆176Jul 12, 2024Updated last year
• DarwinSec / DEFCON-KQL-KUNG-FU-22

  View on GitHub
  ☆18Jan 9, 2026Updated 5 months ago
• SecurityRiskAdvisors / sra-taxii2-server

  View on GitHub
  TAXII 2.0 Server implemented in Node JS with MongoDB backend
  ☆12Jan 3, 2023Updated 3 years ago
• ControlCompass / ControlCompass.github.io

  View on GitHub
  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
  ☆142Feb 25, 2024Updated 2 years ago
• d3fend / d3fend-ontology

  View on GitHub
  This repository holds the necessary content to produce the D3FEND ontology distribution.
  ☆109Jun 11, 2026Updated last week