Alternatives and similar repositories for cti:

Users that are interested in cti are comparing it to the libraries listed below

• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆75Updated 4 months ago
• WithSecureLabs / tau-engine
  A document tagging library
  ☆29Updated last year
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆79Updated this week
• marirs / capa-rs
  File Capability Extractor
  ☆13Updated 3 months ago
• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆25Updated 4 months ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆38Updated this week
• avast / yarang
  Alternative YARA scanning engine
  ☆67Updated 2 years ago
• vthib / boreal
  Safe and performant YARA rules evaluator in Rust
  ☆45Updated this week
• n4r1b / ferrisetw
  Basically a KrabsETW rip-off written in Rust
  ☆66Updated 6 months ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆14Updated 3 years ago
• mmguero-dev / Malcolm-PCAP
  This repository has been archived in favor of https://github.com/idaholab/Malcolm-Test-Artifacts
  ☆33Updated 2 months ago
• rustysec / fuzzyhash-rs
  Pure Rust fuzzy hash implementation
  ☆21Updated last year
• gcmurphy / osv
  Rust implementation of ossf osv specification
  ☆13Updated this week
• rusticata / pcap-analyzer
  PAL (Pcap Analysis Library)
  ☆98Updated 2 months ago
• hashlookup / private-search-set
  Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set.
  ☆16Updated last month
• CybercentreCanada / sawp
  Security Aware Wire Protocol parsing library
  ☆36Updated 4 months ago
• jasonish / suricatax-rule-parser-rs
  ☆10Updated 9 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• DevoInc / sightingdb
  Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen
  ☆16Updated 10 months ago
• erichutchins / geoipsed
  Fast, inline geolocation decoration of IPv4 and IPv6 addresses written in Rust
  ☆26Updated last year
• omerbenamram / mft
  A parser for the MFT (Master File Table) format
  ☆132Updated last year
• rapid7 / resynth
  A network packet synthesis language
  ☆12Updated last month
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆88Updated last month
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆85Updated 6 months ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 8 months ago
• Devolutions / siquery-rs
  siquery, a Rust osquery implementation to query system information
  ☆56Updated 2 years ago
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆65Updated this week
• cea-sec / openwec
  An implementation of a Windows Event Collector server running on GNU/Linux.
  ☆69Updated this week