Alternatives and similar repositories for hawk

Users that are interested in hawk are comparing it to the libraries listed below

• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 4 years ago
• abhinavbom / clara
  Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  ☆33Updated 2 weeks ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 3 years ago
• CIRCL / forensic-tools
  CIRCL system forensic tools or a jumble of tools to support forensic
  ☆41Updated 3 years ago
• adulau / hashlookup-server
  Fast lookup server for NSRL and other hash database used in digital forensic
  ☆48Updated 3 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Updated 3 weeks ago
• CIRCL / yara-validator
  Validates yara rules and tries to repair the broken ones.
  ☆41Updated 5 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆18Updated 6 years ago
• hashlookup / a-ray-grass
  a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…
  ☆14Updated 3 years ago
• decalage2 / exefilter
  ExeFilter is an open-source tool and framework to filter file formats in e-mails, web pages or files. It detects many common file formats…
  ☆70Updated 4 years ago
• fr0gger / Yara-Unprotect
  This repository regroups the Yara Rules for the Unprotect Project
  ☆26Updated 5 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆27Updated 6 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• mohlcyber / MISP-MVISION-EDR
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Updated 3 years ago
• jeFF0Falltrades / YARA-Signatures
  A collection of my public YARA signatures for various malware families
  ☆30Updated last year
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆103Updated 6 months ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆56Updated 5 years ago
• imp0rtp3 / js-yara-rules
  Yara rules for malicious javascript files from public repositories or written by me.
  ☆13Updated 4 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• certtools / contactdb
  The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams
  ☆37Updated 4 years ago
• ciscocsirt / dhp
  Simple Docker Honeypot server emulating small snippets of the Docker HTTP API
  ☆33Updated 5 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆53Updated 3 weeks ago
• jeFF0Falltrades / IoCs
  A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
  ☆29Updated 5 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 5 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated 2 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆38Updated 4 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 5 years ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆51Updated this week
• MISP / misp-sighting-server
  MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…
  ☆15Updated 2 years ago