austin-taylor / flare

Related projects ⓘ

Alternatives and complementary repositories for flare

• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆393Updated 2 years ago
• SuperCowPowers / zat
  Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
  ☆423Updated 10 months ago
• TheHive-Project / TheHiveDocs
  Documentation of TheHive
  ☆393Updated last year
• DefensePointSecurity / threat_note
  DPS' Lightweight Investigation Notebook
  ☆423Updated 10 months ago
• rocknsm / rock
  Automated deployment scripts for the RockNSM network hunting distribution.
  ☆446Updated last year
• ThreatHuntingProject / hunter
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆237Updated 3 years ago
• ciscocsirt / GOSINT
  The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
  ☆537Updated last year
• mandiant / iocs
  FireEye Publicly Shared Indicators of Compromise (IOCs)
  ☆463Updated 5 years ago
• uber-common / metta
  An information security preparedness tool to do adversarial simulation.
  ☆1,102Updated 5 years ago
• unfetter-discover / unfetter
  The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f…
  ☆408Updated last year
• OTRF / ATTACK-Python-Client
  Python Script to access ATT&CK content available in STIX via a public TAXII server
  ☆556Updated 5 months ago
• PaloAltoNetworks / minemeld
  Main MineMeld documentation repo
  ☆380Updated 7 years ago
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆289Updated 3 years ago
• endgameinc / RTA
  ☆1,051Updated 5 years ago
• MarkBaggett / domain_stats
  ☆208Updated last year
• certtools / intelmq
  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
  ☆976Updated 2 weeks ago
• dfirtrack / dfirtrack
  DFIRTrack - The Incident Response Tracking Application
  ☆482Updated 2 months ago
• DavidJBianco / Clearcut
  Clearcut is a tool that uses machine learning to help you focus on the log entries that really need manual review
  ☆196Updated 8 years ago
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆166Updated 4 years ago
• TheHive-Project / TheHive4py
  Python API Client for TheHive
  ☆218Updated last week
• orlikoski / Skadi
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆491Updated 2 years ago
• armbues / ioc_parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆429Updated last year
• harvard-itsecurity / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆175Updated 3 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆184Updated last year
• olafhartong / ThreatHunting
  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
  ☆1,138Updated last year
• praetorian-inc / purple-team-attack-automation
  Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
  ☆718Updated 4 years ago
• mitre-attack / bzar
  A set of Zeek scripts to detect ATT&CK techniques.
  ☆565Updated 4 months ago
• atc-project / atomic-threat-coverage
  Actionable analytics designed to combat threats
  ☆972Updated 2 years ago
• SupportIntelligence / Icewater
  16,432 Free Yara rules created by
  ☆380Updated 5 years ago
• TheHive-Project / Cortex-Analyzers
  Cortex Analyzers Repository
  ☆434Updated last week