Alternatives and similar repositories for minemeld-docker

Users that are interested in minemeld-docker are comparing it to the libraries listed below

• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Updated 5 years ago
• counteractive / o365beat
  Elastic Beat for fetching and shipping Office 365 audit events
  ☆68Updated 5 years ago
• humio / security_monitoring
  ☆43Updated 2 years ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆46Updated 2 years ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 4 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆83Updated 2 years ago
• sans-blue-team / sec530-wiki
  ☆56Updated 4 years ago
• HASecuritySolutions / elastic_stack
  ☆34Updated 4 years ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆23Updated last year
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆60Updated last year
• clausing / scripts
  ☆78Updated this week
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 4 years ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 3 years ago
• weslambert / securityonion-misp
  ☆37Updated 5 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆85Updated 2 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 6 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆56Updated 5 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆75Updated last year
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆79Updated 3 months ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 5 years ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 6 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆19Updated last year
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆40Updated 3 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 4 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆76Updated 5 years ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 3 years ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆71Updated 4 years ago
• B2dfir / Free-Incident-Response-Management-and-Documentation-Workbook
  A free incident response management and documentation workbook
  ☆25Updated 7 years ago
• SecHubb / SecShell_Demo
  Philly Security Shell meetup demo and related files
  ☆31Updated 6 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆55Updated 3 years ago