Alternatives and similar repositories for flare

Users that are interested in flare are comparing it to the libraries listed below

• SuperCowPowers / zat
  Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
  ☆439Updated last year
• TheHive-Project / TheHiveDocs
  Documentation of TheHive
  ☆398Updated last year
• ThreatHuntingProject / hunter
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆246Updated 3 years ago
• uber-common / metta
  An information security preparedness tool to do adversarial simulation.
  ☆1,124Updated 6 years ago
• OTRF / ATTACK-Python-Client
  Python Script to access ATT&CK content available in STIX via a public TAXII server
  ☆565Updated 6 months ago
• mitre-attack / bzar
  A set of Zeek scripts to detect ATT&CK techniques.
  ☆594Updated 11 months ago
• DavidJBianco / Clearcut
  Clearcut is a tool that uses machine learning to help you focus on the log entries that really need manual review
  ☆197Updated 8 years ago
• DefensePointSecurity / threat_note
  DPS' Lightweight Investigation Notebook
  ☆432Updated last year
• mandiant / iocs
  FireEye Publicly Shared Indicators of Compromise (IOCs)
  ☆467Updated 6 years ago
• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆395Updated 2 years ago
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆293Updated 3 years ago
• PaloAltoNetworks / minemeld
  Main MineMeld documentation repo
  ☆378Updated 7 years ago
• ciscocsirt / GOSINT
  The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
  ☆546Updated 2 years ago
• orlikoski / Skadi
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆499Updated 2 years ago
• endgameinc / RTA
  ☆1,074Updated 6 years ago
• atc-project / atomic-threat-coverage
  Actionable analytics designed to combat threats
  ☆989Updated 3 years ago
• mitre / cascade-server
  CASCADE Server
  ☆270Updated 2 years ago
• armbues / ioc_parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆436Updated 2 years ago
• rocknsm / rock
  Automated deployment scripts for the RockNSM network hunting distribution.
  ☆454Updated last year
• cylance / CyBot
  Open Source Threat Intelligence Chat Bot
  ☆322Updated 5 years ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆174Updated last year
• P4T12ICK / ypsilon
  Automated Use Case Testing
  ☆167Updated 7 years ago
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆480Updated last month
• mitre-attack / tram
  Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.
  ☆352Updated 3 years ago
• olafhartong / ATTACKdatamap
  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
  ☆352Updated 4 years ago
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆168Updated 4 years ago
• certtools / intelmq
  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
  ☆1,048Updated last month
• MISP / PyMISP
  Python library using the MISP Rest API
  ☆468Updated this week
• harvard-itsecurity / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆175Updated 4 years ago
• olafhartong / ThreatHunting
  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
  ☆1,158Updated last year