Alternatives and similar repositories for cti

Users that are interested in cti are comparing it to the libraries listed below

• u-siem / u-siem-core
  Framework definitions that allow to build a custom SIEM.
  ☆27Updated 11 months ago
• puffyCid / artemis
  A cross platform forensic parser written in Rust!
  ☆93Updated this week
• hashlookup / poppy
  Rust implementation of the DCSO Bloom filter
  ☆28Updated last month
• omerbenamram / mft
  A parser for the MFT (Master File Table) format
  ☆145Updated 2 years ago
• Hugal31 / yara-rust
  Rust bindings for VirusTotal/Yara
  ☆78Updated 6 months ago
• malwaredb / malwaredb-rs
  MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
  ☆52Updated this week
• WithSecureLabs / tau-engine
  A document tagging library
  ☆30Updated 5 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 2 years ago
• cea-sec / openwec
  An implementation of a Windows Event Collector server running on GNU/Linux.
  ☆77Updated last week
• jopohl / sigma-rust
  A Rust library for parsing and evaluating Sigma rules
  ☆14Updated 3 months ago
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆100Updated this week
• omerbenamram / pyevtx-rs
  Python bindings for https://github.com/omerbenamram/evtx/
  ☆51Updated 6 months ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆102Updated 2 months ago
• CAPESandbox / CAHI
  CAPE Auto-Hardened Installer
  ☆23Updated 6 months ago
• avast / yarang
  Alternative YARA scanning engine
  ☆72Updated 3 years ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆15Updated 3 years ago
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆90Updated this week
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated last year
• marirs / capa-rs
  File Capability Extractor
  ☆13Updated last month
• opencybersecurityalliance / cacao-roaster
  A web application for generating, parsing and validating, manipulating, visualizing and executing CACAO v2.0 playbooks.
  ☆34Updated last week
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 3 years ago
• MISP / misp-stix
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆55Updated this week
• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆31Updated 3 months ago
• sophos / yaraml_rules
  Security ML models encoded as Yara rules
  ☆213Updated 2 years ago
• eclecticiq / stix-icons
  stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats a…
  ☆35Updated 2 years ago
• JHUAPL / Low-Regret-Methodology
  ☆28Updated 4 years ago
• dfir-dd / dionysos
  Scanner for certain IoCs
  ☆11Updated 7 months ago
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆78Updated this week
• blackstork-io / fabric
  An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…
  ☆58Updated last month
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆106Updated 3 months ago