Alternatives and similar repositories for nova-framework

Users that are interested in nova-framework are comparing it to the libraries listed below

• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆124Updated 4 months ago
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆176Updated 7 months ago
• korniko98 / pivot-atlas
  ☆94Updated last month
• AttackIQ / DetectIQ
  ☆115Updated 3 months ago
• Yamato-Security / suzaku
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆147Updated last week
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆77Updated 2 weeks ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆190Updated last year
• dandye / adk_runbooks
  ☆46Updated last week
• vectra-ai-research / Halberd
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆306Updated last week
• fr0gger / JupyterUniverse
  Jupyter Univere is a search engine for all infosec jupyter notebooks
  ☆28Updated 5 months ago
• Mickinthemiddle / CLOAK
  Knowledge base on cybercriminal concealment techniques
  ☆76Updated 4 months ago
• arsolutioner / ExtensionHound
  A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…
  ☆177Updated 7 months ago
• curated-intel / Attribution-to-IP
  A collection of methods to learn who the owner of an IP address is.
  ☆172Updated 3 months ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆94Updated this week
• MHaggis / ClickGrab
  Finding ClickFix and FakeCAPTCHA like it's 1999
  ☆57Updated last week
• okta / customer-detections
  ☆146Updated this week
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆52Updated 10 months ago
• cisagov / playbook-ng
  Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…
  ☆138Updated last month
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆35Updated 7 months ago
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆245Updated last year
• davidljohnson / flowviz
  AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK
  ☆67Updated last week
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆106Updated 10 months ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆84Updated 3 months ago
• dandye / ai-runbooks
  ☆56Updated 2 weeks ago
• st0pp3r / awesome-detection-engineer
  Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…
  ☆116Updated last week
• rfackroyd / detection-engineering-starter-pack
  A starter pack of resources to help you get started in Detection Engineering.
  ☆172Updated 3 weeks ago
• mgreen27 / mcp-velociraptor
  VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.
  ☆50Updated 3 weeks ago
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated 9 months ago
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆150Updated 11 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆125Updated last year