Alternatives and similar repositories for SIEM

Users that are interested in SIEM are comparing it to the libraries listed below

• joesecurity / Joe-Sandbox-Bro
  JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox
  ☆45Updated 6 years ago
• pidydx / PyIOCe
  Python OpenIOC Editor
  ☆18Updated 10 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 5 years ago
• MalwareSoup / MitreAttack
  Python wrapper for the Mitre ATT&CK framework API
  ☆30Updated 7 years ago
• armedpot / honeytrap
  Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
  ☆44Updated 4 years ago
• johnbergbom / PeddleCheap
  Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.
  ☆17Updated 8 years ago
• idiom / pftriage
  Python tool and library to help analyze files during malware triage and analysis.
  ☆78Updated 5 years ago
• clong / vagrant-ids
  An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
  ☆23Updated 7 years ago
• CERT-Bund / misp-warninglists-analyzer
  Checks observables/ioc in TheHive/Cortex against the MISP warningslists
  ☆14Updated 8 years ago
• bez0r / pDNS2
  Passive DNS V2
  ☆60Updated 11 years ago
• John-Lin / malware
  This is a malware analysis project which expecte to generate snort rule via malicious network traffic
  ☆28Updated 2 years ago
• jantonakos / ThreatHuntingExcursions
  Code, commands, and chatter about Threat Hunting.
  ☆35Updated 6 years ago
• exp0se / detect_kerberos_attacks
  Detect kerberos attacks in pcap files
  ☆29Updated 10 years ago
• sisoc-tokyo / mimikatz_detection
  ☆12Updated 7 years ago
• Neo23x0 / webshell-intel
  Scan web server for known webshell names and responses
  ☆50Updated 9 years ago
• jusafing / pnaf
  Passive Network Audit Framework
  ☆32Updated 7 years ago
• rj-chap / NFWorkshop
  Network Forensics Workshop Files
  ☆17Updated 10 years ago
• fireeye / brocapi
  Bro PCAP Processing and Tagging API
  ☆28Updated 8 years ago
• PoorBillionaire / Windows-Prefetch-Carver
  Carve Windows Prefetch files from arbitrary binary data
  ☆16Updated 8 years ago
• pevma / Suricata-Logstash-Templates
  Templates for Kibana/Logstash to use with Suricata IDPS
  ☆81Updated 9 years ago
• mitre / unfetter-mediawiki-vagrant
  A virtual MediaWiki development environment, built on Vagrant, VirtualBox, and Puppet.
  ☆16Updated 9 years ago
• ChaitanyaHaritash / nmapii
  Automated script for NMAP Scanner with some custom .nse scripts :) for lazy geeks :V
  ☆17Updated 6 years ago
• interference-security / empyre-web
  EmPyre Web Interface
  ☆12Updated 8 years ago
• 3c7 / aptmap
  A map displaying threat actors from the misp-galaxy
  ☆33Updated 3 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• nccgroup / lapith
  A simple Nessus results viewer
  ☆49Updated 12 years ago
• treussart / ProbeManager
  Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...
  ☆71Updated 6 years ago
• refractionPOINT / rules
  Public rules and samples for various automations through LimaCharlie.io
  ☆14Updated 4 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆41Updated 5 years ago
• retbandit-zz / BlackHat2017
  BlackHat Europe 2017 Slides
  ☆25Updated 7 years ago