Alternatives and similar repositories for smudge

Users that are interested in smudge are comparing it to the libraries listed below

• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 4 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• jasonsford / IPScraper
  This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…
  ☆18Updated 4 months ago
• artemis19 / riverside
  Network security visualization tool, showcasing live traffic between internal and external hosts in a real-time visualization.
  ☆26Updated 2 years ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• clausing / scripts
  ☆64Updated 4 months ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆25Updated 2 weeks ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated last year
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated last year
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆16Updated 4 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 7 months ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆34Updated last year
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆34Updated 2 months ago
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆37Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆42Updated this week
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆64Updated 2 years ago
• bruneaug / DShield-SIEM
  DShield Sensor Log Collection with ELK
  ☆28Updated last month
• corelight / raspi-corelight
  Corelight@Home script
  ☆42Updated last year
• Neo23x0 / ThreatResearch-Reporting-Guide
  Offensive Research Guide to Help Defense Improve Detection
  ☆31Updated 2 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Updated 3 years ago
• vertexproject / synapse-quickstart
  Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.
  ☆45Updated 3 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆35Updated 3 years ago
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆40Updated 2 months ago
• NextronSystems / nextron-helper-scripts
  Public tools, scripts or code snippets that can help when working with our products
  ☆46Updated 2 months ago
• cmdshiftd / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆31Updated 5 months ago
• redcanaryco / vscode-attack
  Visual Studio Code extension for MITRE ATT&CK
  ☆54Updated last year