Alternatives and similar repositories for cti

Users that are interested in cti are comparing it to the libraries listed below

• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆26Updated 7 months ago
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated last month
• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆76Updated 2 months ago
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆81Updated this week
• avast / yarang
  Alternative YARA scanning engine
  ☆70Updated 2 years ago
• vthib / boreal
  Safe and performant YARA rules evaluator in Rust
  ☆47Updated this week
• marirs / sigma-convert
  Convert Sigma Rules to different formats
  ☆11Updated 9 months ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆14Updated 3 years ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 2 years ago
• jopohl / sigma-rust
  A Rust library for parsing and evaluating Sigma rules
  ☆11Updated this week
• SecSamDev / sysmon-arangodb
  Threat hunting with Sysmon and ArangoDB Graphs
  ☆11Updated 5 years ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆44Updated this week
• marirs / capa-rs
  File Capability Extractor
  ☆13Updated last month
• jasonish / suricatax-rule-parser-rs
  ☆11Updated last year
• n4r1b / ferrisetw
  Basically a KrabsETW rip-off written in Rust
  ☆69Updated 9 months ago
• Devolutions / siquery-rs
  siquery, a Rust osquery implementation to query system information
  ☆59Updated 2 years ago
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆88Updated 4 months ago
• hashlookup / poppy
  Rust implementation of the DCSO Bloom filter
  ☆27Updated last month
• rusticata / pcap-analyzer
  PAL (Pcap Analysis Library)
  ☆98Updated 5 months ago
• rapid7 / resynth
  A network packet synthesis language
  ☆19Updated 2 weeks ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆70Updated last month
• microsoft / rust_win_etw
  Allows Rust code to log events to ETW
  ☆104Updated 2 weeks ago
• Lifars / gargamel
  A forensic evidence acquirer
  ☆86Updated 4 years ago
• hashlookup / private-search-set
  Private Search Set (PSS) is an extension to standard Bloom filter or a standalone hash file to describe and share private set.
  ☆16Updated 4 months ago
• MISP / misp-stix
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆53Updated last week
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 6 months ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆261Updated 2 years ago
• omerbenamram / pyevtx-rs
  Python bindings for https://github.com/omerbenamram/evtx/
  ☆50Updated 2 months ago
• rusticata / rusticata
  Rusticata: Rust parsers for Suricata (test code)
  ☆95Updated 8 months ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 2 years ago