Alternatives and similar repositories for CASE-Examples

Users that are interested in CASE-Examples are comparing it to the libraries listed below

• aff4 / pyaff4
  The Python implementation of the AFF4 standard.
  ☆44Updated last year
• cert-lv / graphoscope
  Graphoscope is a solution to access multiple independent data sources from a common UI and show data relations as a graph
  ☆39Updated 7 months ago
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆126Updated last year
• 0xrawsec / golang-misp
  Golang Library to interact with your MISP instance
  ☆22Updated 5 years ago
• flowintel / cocktailparty
  CocktailParty is a data broker system based on phoenix framework
  ☆21Updated 3 months ago
• d-Rickyy-b / certleak
  Python framework for collecting and analyzing TLS certificate data via the Certificate Transparency Network
  ☆11Updated last month
• MISP / misp-guard
  misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based…
  ☆15Updated last week
• intelligence-driven-incident-response / intelligence-product-templates
  Chapter 9: Disseminate
  ☆14Updated 7 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated last year
• joshhighet / multisocks
  a scaling framework for tor traffic balancing 🧦 🧅 ⚖️
  ☆12Updated last week
• cudeso / misp-scraper
  A web scraper to create MISP events and reports
  ☆16Updated 3 weeks ago
• forensicanalysis / artifactcollector
  🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
  ☆291Updated 2 months ago
• vertexproject / synapse-quickstart
  Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.
  ☆45Updated 3 years ago
• sundruid / muonfp
  MuonFP is an enterprise ready, TCP passive fingerprinter written in Rust that has no external dependencies such as WireShark or other ope…
  ☆19Updated 2 weeks ago
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆87Updated last week
• TcM1911 / stix2
  A pure Go library for working with Structured Threat Information Expression (STIX™) version 2.x data
  ☆23Updated 2 months ago
• aff4 / Standard
  AFF4 Standard Documents
  ☆29Updated 3 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• ANSSI-FR / sftp2misp
  Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.
  ☆15Updated 2 years ago
• DevoInc / sightingdb
  Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen
  ☆16Updated last year
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆134Updated 11 months ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆325Updated last week
• Errum / Intelligence-and-Cybersecurity-Peer-Reviewed-sources
  A list of Per-Reviewed Journals, Books and Blogs on intelligence and Cybersecurity
  ☆23Updated last year
• aaronkaplan / openai-cti-summarizer
  Summarize CTI reports with OpenAI
  ☆16Updated last week
• casework / CASE
  Cyber-investigation Analysis Standard Expression (CASE) Ontology
  ☆70Updated last month
• COSSAS / sacti
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆14Updated 2 years ago
• VirusTotal / gyp
  gyp: A pure Go YARA parser
  ☆106Updated last year
• GEANT / TRANSITS
  Home for TRANSITS materials
  ☆25Updated last year
• aaronkaplan / stochasticCTIExtractor
  Interface LLMs from within MISP to extract TTPs and threat intel from CTI reports
  ☆17Updated last year
• D4-project / architecture
  Architecture - design and implementation of the D4 project architecture
  ☆16Updated 3 weeks ago