Alternatives and similar repositories for geneve

Users that are interested in geneve are comparing it to the libraries listed below

• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 3 weeks ago
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago
• secureworks / aristotle
  ☆38Updated 8 months ago
• target / huntlib
  A Python library to help with some common threat hunting data analysis operations
  ☆143Updated 2 years ago
• TAXIIProject / libtaxii
  A Python library for handling TAXII Messages invoking TAXII Services.
  ☆71Updated 4 years ago
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆50Updated last year
• eclecticiq / cabby
  TAXII client implementation from EclecticIQ
  ☆101Updated 3 years ago
• traut / stixview
  STIX2 graph visualisation library in JS
  ☆90Updated 3 weeks ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆36Updated 2 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆27Updated 5 years ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated last week
• TAXIIProject / yeti
  YETI is a TAXII implementation
  ☆46Updated 6 years ago
• ElasticSA / elsec_dr2an
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Updated 2 years ago
• oasis-open / cti-stix-validator
  OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices
  ☆53Updated 4 months ago
• ncsa / bro-doctor
  ☆23Updated 5 years ago
• oasis-open / cti-taxii-client
  OASIS TC Open Repository: TAXII 2 Client Library Written in Python
  ☆116Updated last year
• MISP / misp-objects
  Definition, description and relationship types of MISP objects
  ☆99Updated 2 weeks ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 3 years ago
• rkovar / splunk-hunting-helpers
  ☆55Updated 3 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 4 years ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 2 years ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆95Updated 3 years ago
• annamcabee / Mitre-Attack-API
  Python module to interact with the MITRE attack framework via the MITRE API
  ☆83Updated 7 years ago
• neu5ron / es_stk
  ☆13Updated 3 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• MISP / MISP-STIX-Converter
  A utility repo to assist with converting between MISP and STIX formats
  ☆68Updated 4 years ago
• oasis-open / cti-taxii-server
  OASIS TC Open Repository: TAXII 2 Server Library Written in Python
  ☆129Updated last year
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆44Updated 2 years ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 2 years ago