Alternatives and similar repositories for helm-opencti

Users that are interested in helm-opencti are comparing it to the libraries listed below

• OpenAEV-Platform / docker
  OpenAEV Docker deployment helpers
  ☆24Updated this week
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆96Updated this week
• korniko98 / pivot-atlas
  ☆98Updated 2 months ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆85Updated 5 months ago
• CyberSecurityUP / GCP-Adversary-Emulator
  Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments.
  ☆14Updated last year
• blackstork-io / fabric
  An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…
  ☆64Updated 3 months ago
• ozanunal0 / viper
  🛡️ VIPER: Stay ahead of threats with AI-driven vulnerability intelligence. Prioritize CVEs effectively using NVD, EPSS, CISA KEV, and Go…
  ☆78Updated 2 months ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆131Updated last year
• BenjiTrapp / aws-threat-hunting
  Short deep dive into Threat Hunting on AWS
  ☆14Updated 2 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆59Updated 3 years ago
• fr0gger / JupyterUniverse
  Jupyter Univere is a search engine for all infosec jupyter notebooks
  ☆32Updated 7 months ago
• jalacloud / mcp-cti
  Repo for experimenting and testing MCP server builds for CTI-related research.
  ☆27Updated 5 months ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated 2 months ago
• juaromu / wazuh
  ☆19Updated 4 years ago
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆70Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆65Updated 3 years ago
• arsolutioner / ExtensionHound
  A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…
  ☆183Updated 8 months ago
• mitre-attack / attack-data-model
  ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …
  ☆43Updated last week
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆83Updated 2 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆70Updated last year
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆52Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆178Updated 9 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated last year
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆36Updated 9 months ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆129Updated 6 months ago
• ThreatMon / ThreatMon-Reports-IOC
  ☆52Updated 2 months ago
• anyrun / YARA
  ☆25Updated 3 weeks ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆22Updated 9 months ago
• typosquatter / ail-typo-website
  Website for ail-typo-squatting library
  ☆66Updated 3 weeks ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated last week