TedDriggs / cti
Cyber threat intelligence crates for Rust
☆16 Updated last year
Alternatives and similar repositories for cti
Users that are interested in cti are comparing it to the libraries listed below
- Framework definitions that allow building a custom SIEM. ☆27 Updated last year
- A cross platform forensic parser written in Rust! ☆96 Updated this week
- Rust bindings for VirusTotal/Yara ☆78 Updated 6 months ago
- A parser for the MFT (Master File Table) format ☆145 Updated 2 years ago
- Rust implementation of the DCSO Bloom filter ☆28 Updated 2 months ago
- MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery ☆52 Updated this week
- A document tagging library ☆30 Updated 5 months ago
- A Rust library for parsing and evaluating Sigma rules ☆15 Updated 4 months ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert ☆36 Updated 2 years ago
- An implementation of a Windows Event Collector server running on GNU/Linux. ☆77 Updated last week
- File Capability Extractor ☆13 Updated 2 months ago
- Python bindings for https://github.com/omerbenamram/evtx/ ☆52 Updated 7 months ago
- provides a Suricata Eve output for Kafka with Suricata Eve plugin ☆15 Updated 3 years ago
- Firepit - STIX Columnar Storage ☆16 Updated last year
- CAPE Auto-Hardened Installer ☆23 Updated 7 months ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… ☆16 Updated 3 years ago
- Golang library that implements a sigma log rule parser and match engine. ☆100 Updated last year
- Alternative YARA scanning engine ☆72 Updated 3 years ago
- Artifact collection tool for *nix systems ☆210 Updated last year
- LOKI2 - Simple IOC and YARA Scanner ☆102 Updated 2 months ago
- PAL (Pcap Analysis Library) ☆101 Updated last month
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats ☆55 Updated 2 weeks ago
- Security ML models encoded as Yara rules ☆213 Updated 2 years ago
- ☆15 Updated 2 years ago
- Signature engine for all your logs ☆171 Updated last year
- MuonFP is an enterprise ready, TCP passive fingerprinter written in Rust that has no external dependencies such as WireShark or other ope… ☆25 Updated 2 months ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se… ☆90 Updated 3 weeks ago
- Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set. ☆16 Updated 8 months ago
- stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats a… ☆35 Updated 2 years ago
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 ☆127 Updated 2 months ago