Alternatives and similar repositories for cti

Users that are interested in cti are comparing it to the libraries listed below

• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆28Updated last year
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆98Updated 2 weeks ago
• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆80Updated last week
• hashlookup / poppy
  Rust implementation of the DCSO Bloom filter
  ☆29Updated 4 months ago
• marirs / capa-rs
  File Capability Extractor
  ☆14Updated 4 months ago
• vthib / boreal
  Safe and performant YARA rules evaluator in Rust
  ☆66Updated last week
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated 8 months ago
• rusticata / pcap-analyzer
  PAL (Pcap Analysis Library)
  ☆103Updated 4 months ago
• cea-sec / openwec
  An implementation of a Windows Event Collector server running on GNU/Linux.
  ☆83Updated last month
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆51Updated last week
• jopohl / sigma-rust
  A Rust library for parsing and evaluating Sigma rules
  ☆17Updated this week
• omerbenamram / mft
  A parser for the MFT (Master File Table) format
  ☆150Updated last month
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 3 years ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆15Updated 4 years ago
• SecSamDev / sysmon-arangodb
  Threat hunting with Sysmon and ArangoDB Graphs
  ☆12Updated 5 years ago
• omerbenamram / pyevtx-rs
  Python bindings for https://github.com/omerbenamram/evtx/
  ☆53Updated 9 months ago
• avast / yarang
  Alternative YARA scanning engine
  ☆73Updated 3 years ago
• Achiefs / fim
  FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time al…
  ☆169Updated last month
• n4r1b / ferrisetw
  Basically a KrabsETW rip-off written in Rust
  ☆78Updated last month
• CAPESandbox / CAHI
  CAPE Auto-Hardened Installer
  ☆23Updated 9 months ago
• markuskont / go-sigma-rule-engine
  Golang library that implements a sigma log rule parser and match engine.
  ☆102Updated last year
• rustysec / fuzzyhash-rs
  Pure Rust fuzzy hash implementation
  ☆22Updated 2 years ago
• microsoft / rust_win_etw
  Allows Rust code to log events to ETW
  ☆112Updated last week
• CybercentreCanada / sawp
  Security Aware Wire Protocol parsing library
  ☆40Updated last year
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 3 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆17Updated last year
• rustysec / win-event-log-rs
  clean interface for the windows event log
  ☆25Updated last year
• oasis-open / cti-stix2-json-schemas
  OASIS TC Open Repository: Non-normative schemas and examples for STIX 2
  ☆130Updated 3 weeks ago
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆91Updated 2 weeks ago
• sophos / yaraml_rules
  Security ML models encoded as Yara rules
  ☆215Updated 2 years ago