Alternatives and similar repositories for geneve

Users that are interested in geneve are comparing it to the libraries listed below

• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated this week
• sevickson / osquery_tables_graph
  Repository containing Jupyter Notebooks for working with OSQuery tables and data
  ☆17Updated 5 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• ncsa / bro-doctor
  ☆23Updated 5 years ago
• Patrowl / PatrowlCortexAnalyzers
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆11Updated last year
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 3 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆51Updated last week
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆50Updated last year
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• bcmc / oss
  \B\C\M\C\ Open Source Software
  ☆18Updated 3 years ago
• oasis-open / cti-sep-repository
  OASIS TC Open Repository: STIX Enhancement Proposals (SEPs) https://github.com/oasis-open/cti-sep-repository
  ☆16Updated 2 years ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆30Updated 4 months ago
• target / attack-navigator-docker
  A simple Docker container that serves the MITRE ATT&CK Navigator web app
  ☆27Updated 2 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• marcusbakker / GreyNoise
  Python tool build around GreyNoise's alpha/public API
  ☆11Updated 6 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆44Updated 2 years ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• MISP / misp-vagrant
  Deploy MISP Project software with Vagrant.
  ☆43Updated 5 years ago
• adulau / threat-intelligence.eu
  threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…
  ☆48Updated 2 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• secureworks / aristotle
  ☆38Updated 7 months ago
• oasis-open / cti-stix-validator
  OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices
  ☆52Updated 3 months ago
• wazuh / wazuh-splunk
  Wazuh - Splunk App
  ☆55Updated 9 months ago
• ElasticSA / elsec_dr2an
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Updated last year
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆78Updated 3 years ago
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago