Alternatives and similar repositories for SANS_THIR16

Users that are interested in SANS_THIR16 are comparing it to the libraries listed below

• cmatthewbrooks / pyiocutils
  A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
  ☆17Updated 6 years ago
• jipegit / IRNotes
  Some IR notes
  ☆73Updated 8 years ago
• hempnall / broyara
  integrating bro into yara
  ☆33Updated 10 years ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 5 years ago
• sooshie / scrape_pdf
  Python script to pull various IOCs from PDFs
  ☆15Updated 10 years ago
• jshlbrd / laikaboss-modules
  ☆17Updated 7 years ago
• Concinnity-Risks / LogisticalBudget
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Updated 6 years ago
• binarlyhq / binarly-query
  Command-line Interface for Binar.ly
  ☆37Updated 8 years ago
• jeffbryner / pyioc
  Python tools for IOC (Indicator of Compromise) handling
  ☆96Updated 3 years ago
• pmelson / viper-scripts
  Various Modules & Scripts for use with Viper Framework
  ☆27Updated 5 years ago
• lolnate / vt-hunter
  Automation for VirusTotal
  ☆31Updated 9 years ago
• wolfpack1 / intel_collection_tools
  ☆22Updated 7 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 8 years ago
• YahooArchive / PyIOCe
  Python IOC Editor
  ☆63Updated 10 years ago
• cylance / NMAP-Cluster
  Clustering NMAP XML results to help make sense of large scan results.
  ☆33Updated 2 years ago
• sfakiana / FIRST-CTI-2019
  References for FIRST CTI 2019 Symposium presentation
  ☆22Updated 6 years ago
• xme / cuckoomx
  CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)
  ☆41Updated 12 years ago
• crits / pycrits
  Python interface to the CRITs API
  ☆22Updated 8 years ago
• swackhamer / vt_notification_puller
  VirusTotal Intelligence Notification Puller
  ☆28Updated 8 years ago
• 1aN0rmus / TekDefense
  Open Development projects for TekDefense
  ☆77Updated 8 years ago
• r3comp1le / VT-Hunter
  Manage VT Alerts
  ☆62Updated 8 years ago
• MinervaLabsResearch / Mystique
  Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…
  ☆82Updated 7 years ago
• wmetcalf / buildcuckoo-trusty
  A dumb set of scripts for building a cuckoo rig
  ☆61Updated 8 years ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆22Updated 7 years ago
• rj-chap / EKWorkshop
  BSidesLV 2015 Exploit Kit Analysis Workshop Files
  ☆27Updated 9 years ago
• fugawi / mate
  Mitre Att&ck Technique Emulation
  ☆82Updated 6 years ago
• Kafeine / public
  ☆19Updated 6 years ago
• stratosphereips / whois-similarity-distance
  This python scripts can calculate the WHOIS Similarity Distance between two given domains.
  ☆29Updated 2 years ago
• dstepanic / attck_empire
  Generate ATT&CK Navigator layer file from PowerShell Empire agent logs
  ☆49Updated 6 years ago
• opensourcesec / malstrom
  Cyber Intel Management
  ☆48Updated 7 years ago