Alternatives and similar repositories for logdissect

Users that are interested in logdissect are comparing it to the libraries listed below

• SpamScope / spamscope
  Fast Advanced Spam Analysis Tool
  ☆300Updated last year
• csirtgadgets / csirtg-mail-py
  The FASTEST way to parse Email
  ☆17Updated 3 years ago
• EmersonElectricCo / boomerang
  A tool designed for consistent and safe capture of off network web resources.
  ☆38Updated 8 years ago
• IntegralDefense / ACE
  Analysis Correlation Engine
  ☆26Updated 5 years ago
• veeral-patel / incidents
  Please use https://github.com/veeral-patel/true-positive instead
  ☆68Updated 2 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆88Updated 6 years ago
• keithjjones / fileintel
  A modular Python application to pull intelligence about malicious files
  ☆122Updated 4 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 4 years ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆263Updated 2 years ago
• csirtgadgets / bearded-avenger-deploymentkit
  CIFv3 DeploymentKit
  ☆64Updated 5 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Updated 7 years ago
• ioc-fang / ioc-fanger
  Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
  ☆63Updated last year
• marcusbakker / GreyNoise
  Python tool build around GreyNoise's alpha/public API
  ☆11Updated 6 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆91Updated 7 years ago
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆53Updated 3 years ago
• securityclippy / elasticintel
  Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
  ☆141Updated 2 years ago
• adulau / misp-osint-collection
  Collection of best practices to add OSINT into MISP and/or MISP communities
  ☆66Updated last year
• mandiant / GeoLogonalyzer
  GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
  ☆196Updated 11 months ago
• sublime-security / static-files
  A collection of static files maintained by the Sublime team, primarily used for phishing defense.
  ☆88Updated this week
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated 2 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆21Updated 3 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆182Updated 2 years ago
• barnumbirr / ares
  A python wrapper around https://cve.circl.lu.
  ☆55Updated last month
• xme / toolbox
  Miscelaneous useful scripts for my day to day projects
  ☆124Updated 4 years ago
• CityBaseInc / SIAC
  SIAC is an enterprise SIEM built on open-source technology.
  ☆114Updated 6 years ago
• philhagen / ip2geo
  Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses
  ☆101Updated 5 years ago
• opendns / pyinvestigate
  Python module to interface with the OpenDNS Investigate API
  ☆63Updated 3 years ago
• alias454 / graylog-zeek-content-pack
  BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to captu…
  ☆20Updated 5 years ago
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆168Updated 5 years ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year