Alternatives and similar repositories for cti:

Users that are interested in cti are comparing it to the libraries listed below

• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆80Updated last week
• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆25Updated 6 months ago
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated 3 weeks ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 2 years ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆44Updated this week
• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆75Updated last month
• omerbenamram / mft
  A parser for the MFT (Master File Table) format
  ☆137Updated last year
• avast / yarang
  Alternative YARA scanning engine
  ☆70Updated 2 years ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆89Updated 8 months ago
• marirs / capa-rs
  File Capability Extractor
  ☆13Updated last month
• rusticata / pcap-analyzer
  PAL (Pcap Analysis Library)
  ☆98Updated 4 months ago
• omerbenamram / pyevtx-rs
  Python bindings for https://github.com/omerbenamram/evtx/
  ☆50Updated last month
• redcanaryco / oxidebpf
  A Rust library for managing eBPF programs.
  ☆120Updated last year
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆71Updated this week
• mmguero-dev / Malcolm-PCAP
  This repository has been archived in favor of https://github.com/idaholab/Malcolm-Test-Artifacts
  ☆33Updated 4 months ago
• erichutchins / geoipsed
  Fast, inline geolocation decoration of IPv4 and IPv6 addresses written in Rust
  ☆26Updated last year
• Devolutions / siquery-rs
  siquery, a Rust osquery implementation to query system information
  ☆59Updated 2 years ago
• rusty-ferris-club / recon
  🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️
  ☆33Updated 2 years ago
• vthib / boreal
  Safe and performant YARA rules evaluator in Rust
  ☆46Updated last week
• rapid7 / resynth
  A network packet synthesis language
  ☆12Updated 3 months ago
• marirs / sigma-convert
  Convert Sigma Rules to different formats
  ☆11Updated 8 months ago
• hashlookup / poppy
  Rust implementation of the DCSO Bloom filter
  ☆27Updated 3 weeks ago
• strozfriedberg / notatin
  A Windows registry file parser written in Rust
  ☆37Updated last year
• muchdogesec / stixify
  Extract machine readable cyber threat intelligence from unstructured data (inc. PDFs, Word docs, and HTML pages)
  ☆14Updated this week
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 2 years ago
• cea-sec / openwec
  An implementation of a Windows Event Collector server running on GNU/Linux.
  ☆70Updated last week
• jasonish / suricatax-rule-parser-rs
  ☆11Updated 11 months ago
• CybercentreCanada / sawp
  Security Aware Wire Protocol parsing library
  ☆38Updated 6 months ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆14Updated 3 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆70Updated last week