Alternatives and similar repositories for Logprep

Users that are interested in Logprep are comparing it to the libraries listed below

• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 3 weeks ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆30Updated 3 months ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 8 months ago
• DCSO / balboa
  server for indexing and querying passive DNS observations
  ☆46Updated 2 months ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 11 months ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆44Updated 2 years ago
• ccdcoe / Frankencoding
  You're busted!
  ☆26Updated 5 years ago
• satta / suricata-json-schema
  Suricata JSON schema project
  ☆12Updated 5 years ago
• csaf-tools / CVRF-CSAF-Converter
  A CVRF CSAF Converter, taking care about OASIS specification.
  ☆10Updated 3 weeks ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 6 months ago
• ElasticSA / elsec_dr2an
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Updated last year
• oasis-open / cti-stix-slider
  OASIS TC Open Repository: The repository cti-stix-slider supports development of a Python application to convert STIX 2.0 content to STIX…
  ☆21Updated last year
• DCSO / MISP-dockerized
  ☆33Updated 5 years ago
• csirt-tooling-org / csirt-tooling-best-practices
  CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
  ☆16Updated 2 years ago
• CAPESandbox / sflock
  Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.
  ☆11Updated 3 months ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 3 years ago
• ncsa / bro-doctor
  ☆23Updated 5 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆33Updated 3 months ago
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆29Updated 4 years ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• tenzir / zeek-tenzir
  Enables Zeek to communicate with Tenzir
  ☆11Updated last year
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated this week
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• telekom-security / misp-warning-lists
  ☆28Updated this week
• TracecatHQ / hunts
  🐻‍❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
  ☆10Updated 11 months ago
• opencybersecurityalliance / documentation
  OCA-wide documentation shared by all sub-projects and repositories
  ☆33Updated 6 months ago