Alternatives and similar repositories for cytaxii2

Users that are interested in cytaxii2 are comparing it to the libraries listed below

• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆52Updated 2 years ago
• davidonzo / apiosintDS
  On demand query API for https://github.com/davidonzo/Threat-Intel project.
  ☆55Updated 11 months ago
• The-Shadowserver-Foundation / api_utils
  Sample programs to access the API
  ☆85Updated last month
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆24Updated 8 years ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆49Updated 8 months ago
• clairmont32 / VirusTotal-Tools
  Submits multiple domains to VirusTotal API
  ☆60Updated 3 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 5 years ago
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆68Updated 2 years ago
• MISP / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆29Updated last month
• juaromu / wazuh
  ☆19Updated 3 years ago
• mitre / human
  Caldera plugin to deploy "humans" to emulate user behavior on systems
  ☆28Updated last year
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• Shuffle / shuffle-docs
  Documentation used for Shuffle
  ☆19Updated last week
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆126Updated last year
• MISP / misp-stix
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆54Updated last week
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆53Updated 3 years ago
• weslambert / securityonion-misp
  ☆35Updated 4 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆35Updated 2 years ago
• cyentific-rni / stix2.1-coa-playbook-extension
  A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
  ☆23Updated last year
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• ail-project / ail-training
  AIL project training materials
  ☆30Updated 2 weeks ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆23Updated last year
• enisaeu / IRtools
  The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams
  ☆58Updated 4 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆57Updated 3 years ago
• MISP / misp-guard
  misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based…
  ☆14Updated 3 months ago
• newcontext-oss / opencti-terraform
  Terraform scripts for deploying OpenCTI to AWS, Azure, and GCP
  ☆31Updated last year
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆72Updated last week