Alternatives and similar repositories for helm-opencti

Users that are interested in helm-opencti are comparing it to the libraries listed below

• OpenAEV-Platform / docker
  OpenAEV Docker deployment helpers
  ☆28Updated this week
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆132Updated last year
• BenjiTrapp / aws-threat-hunting
  Short deep dive into Threat Hunting on AWS
  ☆17Updated 2 years ago
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆38Updated last month
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆109Updated 2 weeks ago
• korniko98 / pivot-atlas
  ☆101Updated 2 months ago
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆72Updated 2 years ago
• blackstork-io / fabric
  An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…
  ☆67Updated 7 months ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆91Updated 3 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆135Updated last year
• jalacloud / mcp-cti
  Repo for experimenting and testing MCP server builds for CTI-related research.
  ☆27Updated 8 months ago
• anyrun / YARA
  Maintained by the ANY.RUN team, this repository provides YARA rules to help detect and classify various malware families and other malici…
  ☆26Updated 3 months ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆31Updated last year
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆82Updated 8 months ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆131Updated 9 months ago
• fr0gger / JupyterUniverse
  Jupyter Univere is a search engine for all infosec jupyter notebooks
  ☆34Updated 10 months ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆60Updated 3 years ago
• yaaras / honeybee
  Create honeypots for cloud environments
  ☆109Updated 4 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆75Updated last year
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆51Updated 9 months ago
• muchdogesec / obstracts
  Turn any blog into structured threat intelligence.
  ☆51Updated this week
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated 2 months ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated last month
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆193Updated last year
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆141Updated last year
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆50Updated 7 months ago
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆61Updated 6 months ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆114Updated 4 months ago
• CyberSecurityUP / GCP-Adversary-Emulator
  Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments.
  ☆14Updated last year
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆157Updated 8 months ago