Alternatives and similar repositories for urlhaus:

Users that are interested in urlhaus are comparing it to the libraries listed below

• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• counteractive / incident-response-collector
  ☆16Updated 4 years ago
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated 5 months ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• CIRCL / forensic-tools
  CIRCL system forensic tools or a jumble of tools to support forensic
  ☆42Updated 2 years ago
• 4n6ist / bulk_extractor-rec
  It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving
  ☆40Updated 4 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆51Updated 3 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆35Updated 5 years ago
• chaoticmachinery / mass_triage_tools
  Mass Triage Tools
  ☆20Updated last month
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆55Updated last month
• phainlen / DNS-Hunting
  Use DNS to hunt for threats including DGAs
  ☆15Updated 9 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• uforia / exitgather
  Tool for automatic list generation of known TOR and VPN exit nodes
  ☆30Updated last year
• notx11 / urlScan2Hive
  Triage automation for suspect URLs
  ☆12Updated 5 years ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆49Updated 6 months ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆24Updated 4 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• sfakiana / FIRST-CTI-2019
  References for FIRST CTI 2019 Symposium presentation
  ☆23Updated 5 years ago
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆46Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• forensicmatt / PyWindowsThingies
  Windows Thingies in Python for live use.
  ☆24Updated 5 years ago
• keydet89 / IWSBook
  Site for IWS book content
  ☆18Updated 6 years ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆72Updated 2 years ago
• pstirparo / utils
  Different DFIR and CTI utilities
  ☆36Updated 4 years ago
• t4d / PhishingKit-Yara-Search
  Yara scan Phishing Kit's Zip archive(s)
  ☆57Updated 11 months ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆19Updated 4 years ago
• SMAPPER / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆17Updated 8 years ago
• ciscocsirt / dhp
  Simple Docker Honeypot server emulating small snippets of the Docker HTTP API
  ☆30Updated 4 years ago