Alternatives and similar repositories for openwec:

Users that are interested in openwec are comparing it to the libraries listed below

• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆72Updated this week
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆73Updated last year
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆33Updated 2 weeks ago
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆48Updated this week
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆141Updated 2 weeks ago
• certeu / droid
  A pySigma wrapper to manage detection rules.
  ☆34Updated last month
• LetMeR00t / TA-thehive-cortex
  Technical add-on for Splunk related to TheHive/Cortex from TheHive project
  ☆52Updated 2 months ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆84Updated 5 months ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆66Updated this week
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆27Updated 10 months ago
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆23Updated last year
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆124Updated this week
• theflakes / Linux_Forensic_Harvester
  Harvest Linux forensic data for operational triage of an event.
  ☆50Updated 7 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated last month
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆85Updated last month
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆34Updated last month
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆100Updated 3 months ago
• elastic / labs-releases
  Elastic Security Labs releases
  ☆55Updated 2 months ago
• fox-it / dissect.target
  The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…
  ☆50Updated this week
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆148Updated 7 months ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated 3 months ago
• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆27Updated last month
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆146Updated 2 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆36Updated last year
• cea-sec / gmsad
  gmsad manages Active Directory group Managed Service Account (gMSA) on Linux
  ☆27Updated 3 weeks ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆112Updated 3 weeks ago
• 00010111 / smbtimeline
  ☆32Updated 2 months ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆79Updated 2 months ago
• threatcat-ch / malware-analysis-pipeline
  Lightweight Python-Based Malware Analysis Pipeline
  ☆30Updated this week