Alternatives and similar repositories for siemstress:

Users that are interested in siemstress are comparing it to the libraries listed below

• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 4 years ago
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆46Updated 2 years ago
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆24Updated 8 years ago
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆38Updated 2 years ago
• TonyPhipps / Elasticstack
  FIles and guides related to using Elasticstack as a SIEM
  ☆12Updated 4 years ago
• CanTopay / thehive-playbook-creator
  A script to create and assign SOP tasks into the cases
  ☆18Updated 4 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 2 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆26Updated 5 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆34Updated 2 years ago
• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆48Updated 2 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• sk4la / plast
  Modular command-line threat hunting tool & framework.
  ☆17Updated 4 years ago
• SHolzhauer / elastic-tip
  Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …
  ☆27Updated 6 months ago
• austin-taylor / bluewall
  Bluewall is a firewall framework designed for offensive and defensive cyber professionals.
  ☆106Updated 5 years ago
• clayball / nector
  A SIEM inspired by HECTOR, built on Django.
  ☆28Updated 5 years ago
• MISP / threat-actor-intelligence-server
  A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…
  ☆47Updated last year
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 5 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• SMAPPER / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆16Updated 8 years ago
• weslambert / securityonion-misp
  ☆34Updated 4 years ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆30Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 3 months ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆21Updated 7 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• kinomakino / Threat-Intelligence-Data
  Snort_rules detection bad actors.
  ☆28Updated 6 months ago
• csirt-tooling-org / tooling-directory
  Tools used by CSIRT and especially in the scope of CNW
  ☆16Updated 4 months ago