Alternatives and similar repositories for purple-mcp

Users that are interested in purple-mcp are comparing it to the libraries listed below

• SigmaHQ / pySigma
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆527Updated this week
• PaloAltoNetworks / Unit42-timely-threat-intel
  A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…
  ☆445Updated this week
• CrowdStrike / logscale-community-content
  This repository contains Community and Field contributed content for LogScale
  ☆315Updated 2 weeks ago
• THORCollective / HEARTH
  A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …
  ☆300Updated this week
• CrowdStrike / falconpy
  The CrowdStrike Falcon SDK for Python
  ☆467Updated last month
• madirish / ossocdocs
  Open Source Security Operations Center Documentation
  ☆207Updated 7 months ago
• CybercentreCanada / assemblyline
  AssemblyLine 4: File triage and malware analysis
  ☆418Updated last week
• mitre-attack / mitreattack-python
  A python module for working with ATT&CK
  ☆654Updated last week
• MISP / misp-docker
  A production ready Dockered MISP
  ☆320Updated 3 weeks ago
• AttackIQ / pySigma-backend-kusto
  ☆44Updated 2 months ago
• invictus-ir / Microsoft-Extractor-Suite
  A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
  ☆762Updated 3 weeks ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆225Updated last year
• center-for-threat-informed-defense / cti-blueprints
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆279Updated 10 months ago
• splunk / contentctl
  Splunk Content Control Tool
  ☆127Updated last week
• Digital-Defense-Institute / openrelik-pipeline
  Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing
  ☆39Updated last week
• Bert-JanP / Open-Source-Threat-Intel-Feeds
  This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…
  ☆745Updated last year
• hulkmode / echothreat
  ☆32Updated 5 months ago
• SigmaHQ / sigma-specification
  Sigma rule specification
  ☆172Updated last week
• BushidoUK / CTI-Analyst-Challenge
  An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.
  ☆201Updated last year
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆218Updated 3 months ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆157Updated 3 weeks ago
• cmu-sei / GHOSTS
  GHOSTS is a realistic user simulation framework for cyber experimentation, simulation, training, and exercise
  ☆656Updated 2 weeks ago
• cudeso / misp2defender
  MISP to Microsoft Defender integration
  ☆16Updated last week
• magicsword-io / LOLRMM
  LotL RMM
  ☆289Updated last week
• google / dfiq
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆301Updated last year
• sublime-security / sublime-rules
  Sublime rules for email attack detection, prevention, and threat hunting.
  ☆345Updated this week
• forensicmatt / sansaisummit24
  Tool and Jupyter Notebook used in "Enhance Investigations Using LLM, Embeddings, and Clustering" SANS AI Cybersecurity Summit talk.
  ☆18Updated 10 months ago
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆411Updated 3 months ago
• CiscoCXSecurity / Detection-Engineering-Framework
  ☆96Updated last month
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆176Updated last month