Alternatives and similar repositories for QRadar-ThreatIntel-Import

Users that are interested in QRadar-ThreatIntel-Import are comparing it to the libraries listed below

• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆38Updated 3 years ago
• StevenD33 / Lab-DFIR-SOC
  ☆70Updated 4 years ago
• AbdulRhmanAlfaifi / Rhaegal
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆42Updated 2 years ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 6 years ago
• alph4w0lf / LokiX
  Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks
  ☆25Updated 5 years ago
• mattnotmax / update-cyberchef
  CyberChef update scripts in PowerShell & Bash
  ☆17Updated last year
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆55Updated 5 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆26Updated 4 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆16Updated 4 years ago
• yasser-alghamdi / winterfell-collection
  Winterfell is a group of windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and th…
  ☆52Updated 5 years ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 5 years ago
• 3gbCyber / IR-Last-Write-Time
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Updated 3 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆35Updated 3 years ago
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆87Updated 3 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Updated 4 years ago
• gajos112 / Digital-Forensics
  ☆38Updated 4 years ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆25Updated 5 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆46Updated 5 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆46Updated last year
• HASecuritySolutions / Update-VMs
  Snapshot, patch, health-check, and potentially roll-back Windows VMs
  ☆35Updated 7 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆75Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆44Updated 5 months ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆56Updated 5 years ago
• cabve / CbR
  Queries for Carbon Black Response
  ☆11Updated 5 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 4 years ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆71Updated 4 years ago
• corelight / threat-hunting-guide
  ☆56Updated 3 years ago
• NextronSystems / nextron-helper-scripts
  Public tools, scripts or code snippets that can help when working with our products
  ☆46Updated 8 months ago
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆25Updated last year
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆42Updated last month