Alternatives and similar repositories for cti

Users that are interested in cti are comparing it to the libraries listed below

• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆28Updated last year
• jopohl / sigma-rust
  A Rust library for parsing and evaluating Sigma rules
  ☆19Updated 2 months ago
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆101Updated this week
• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆80Updated 2 months ago
• hashlookup / poppy
  Rust implementation of the DCSO Bloom filter
  ☆29Updated 6 months ago
• WithSecureLabs / tau-engine
  A document tagging library
  ☆33Updated 10 months ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆56Updated this week
• omerbenamram / mft
  A parser for the MFT (Master File Table) format
  ☆155Updated 3 weeks ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆15Updated 4 years ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 3 years ago
• omerbenamram / pyevtx-rs
  Python bindings for https://github.com/omerbenamram/evtx/
  ☆55Updated 3 weeks ago
• cea-sec / openwec
  An implementation of a Windows Event Collector server running on GNU/Linux.
  ☆89Updated last week
• rusticata / pcap-analyzer
  PAL (Pcap Analysis Library)
  ☆104Updated 6 months ago
• sophos / yaraml_rules
  Security ML models encoded as Yara rules
  ☆215Updated 2 years ago
• avast / yarang
  Alternative YARA scanning engine
  ☆73Updated 3 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆84Updated last month
• bradleyjkemp / sigma-go
  A Go implementation and parser for Sigma rules.
  ☆93Updated 8 months ago
• markuskont / go-sigma-rule-engine
  Golang library that implements a sigma log rule parser and match engine.
  ☆103Updated last year
• n4r1b / ferrisetw
  Basically a KrabsETW rip-off written in Rust
  ☆82Updated 3 months ago
• hashlookup / private-search-set
  Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set.
  ☆16Updated last year
• marirs / capa-rs
  File Capability Extractor
  ☆14Updated 6 months ago
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆60Updated this week
• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆37Updated 4 months ago
• vthib / boreal
  Safe and performant YARA rules evaluator in Rust
  ☆67Updated 2 months ago
• 0xrawsec / gene
  Signature engine for all your logs
  ☆173Updated 2 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆114Updated 3 weeks ago
• exein-io / kepler
  NIST-based CVE lookup store and API powered by Rust.
  ☆136Updated 4 months ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆136Updated last year
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆269Updated 2 years ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 3 years ago