Alternatives and similar repositories for CTIA

Users that are interested in CTIA are comparing it to the libraries listed below

• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 4 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆65Updated 3 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆45Updated 5 years ago
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆25Updated last year
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆16Updated 2 months ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆152Updated 5 months ago
• yasser-alghamdi / winterfell-collection
  Winterfell is a group of windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and th…
  ☆52Updated 5 years ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated 11 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated last year
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆86Updated 3 weeks ago
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆87Updated 3 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆107Updated last year
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 5 years ago
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆42Updated 10 months ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆91Updated last year
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 10 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated 2 years ago
• qbrusa / Windows-Security-Event-ID-Helper
  This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…
  ☆11Updated 2 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆59Updated 2 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆35Updated 3 years ago
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆28Updated 3 weeks ago
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆17Updated 2 years ago
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆38Updated 3 months ago
• Cyb3r-Monk / Cheat-Sheets
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Updated 3 years ago
• joeavanzato / velociraptor-timeline-creator
  VTC - Velociraptor Timeline Creator
  ☆18Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆96Updated 3 years ago