Alternatives and similar repositories for event-logging-schema

Users that are interested in event-logging-schema are comparing it to the libraries listed below

• gchq / stroom-content
  Content for Stroom such as XML Schemas, translations, pipelines and dashboards
  ☆10Updated last month
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆88Updated 6 years ago
• mitre / caret
  CARET - A tool for viewing cyber analytic relationships
  ☆55Updated 5 years ago
• MISP / misp-compliance
  Legal, procedural and policies document templates for operating MISP and information sharing communities
  ☆38Updated 2 years ago
• att / docker-forensics
  Tools to assist in forensicating docker
  ☆84Updated 4 months ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• airbus-cert / mispy
  Another MISP module for Python
  ☆18Updated 5 years ago
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆48Updated 2 years ago
• andrewbeard / broworkshop
  Materials for the BSides NoVA/Charleston 2018 Bro Workshop
  ☆14Updated 2 months ago
• magoo / Vault-for-Incident-Responders
  Things to know when DFIR occurs near a vault deployment.
  ☆43Updated 7 years ago
• dutchcoders / homographs
  Homographs: brutefind homographs within a font
  ☆19Updated 8 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated last month
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated 2 years ago
• terry-wen / Network-Visualization-Project
  Network visualizer tool built using Processing
  ☆24Updated 4 years ago
• sroberts / responding-at-scale-with-osquery
  Using osquery for Mass Incident Detection & Response
  ☆19Updated 9 years ago
• trustedsec / hash_parser
  This is a hash parser that will export a rc file compatible with Metasploit. This is useful when compromising a separate domain and want …
  ☆22Updated 10 years ago
• CIRCL / pcapdj
  pcapdj - dispatch pcap files
  ☆46Updated 5 years ago
• brianwarehime / gavel
  Maltego Transforms to Query Traffic Records
  ☆34Updated 9 years ago
• anl-cyberscience / LQMToolset
  Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.
  ☆20Updated 6 years ago
• D4-project / d4-core
  D4 core software (server and sample sensor client)
  ☆42Updated last year
• 7h3rAm / rudra
  A developer-friendly framework for exhaustive analysis of (PCAP and PE) files.
  ☆15Updated 7 years ago
• voxpupuli / puppet-misp
  This module installs and configures MISP (Malware Information Sharing Platform)
  ☆13Updated last week
• faucetsdn / network-tools
  Network Tools
  ☆33Updated last year
• nsacyber / PRUNE
  Logs key Windows process performance metrics. #nsacyber
  ☆66Updated 2 years ago
• adulau / DomainClassifier
  DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text fil…
  ☆77Updated last year
• dirtbags / fluffy
  Tools for Network Archaeology (internet protocol analysis)
  ☆29Updated last year
• Security-Onion-Solutions / securityonion-setup
  ☆36Updated 4 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆38Updated 9 months ago
• nsacyber / Certificate-Authority-Situational-Awareness
  Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber
  ☆114Updated 9 years ago
• jaegeral / awesome-incident-response-pro-bono
  This repository is a curated list of pro bono incident response entities.
  ☆20Updated 2 years ago