Alternatives and similar repositories for docker-snort:

Users that are interested in docker-snort are comparing it to the libraries listed below

• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• jordisk / TheHive2Sigma
  Python script to automatically create sigma rules from The hive observables
  ☆24Updated 6 years ago
• ninoseki / iocingestor
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆33Updated last year
• OTRF / openhunt
  ☆33Updated 3 years ago
• bfuzzy / ThreatHunter-Playbook
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
  ☆14Updated 6 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 2 years ago
• Fallenour / Venator
  Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…
  ☆21Updated 7 years ago
• DFIRnotes / rules
  Some rules, scripts of some use to us
  ☆9Updated 5 months ago
• neu5ron / dnssinkholelist
  dnssinkholelist is a python package focused on combining open source lists of malicious domains, dynamic dns domains, and advertisement d…
  ☆18Updated 8 years ago
• gburkle / Stalker
  Threat Intel and Incident Reponse
  ☆10Updated 6 years ago
• Rurik / Java_IDX_Parser
  Parses Java Cache IDX files
  ☆39Updated 7 years ago
• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated last year
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆35Updated 5 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 4 years ago
• ciscocsirt / dhp
  Simple Docker Honeypot server emulating small snippets of the Docker HTTP API
  ☆30Updated 4 years ago
• kevthehermit / yaraMail
  Yara Scanner For IMAP Feeds and saved Streams
  ☆28Updated 5 years ago
• phainlen / DNS-Hunting
  Use DNS to hunt for threats including DGAs
  ☆15Updated 9 years ago
• egaus / malicious_url_analysis
  ☆18Updated 6 years ago
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆27Updated 7 years ago
• UNIT777 / Email2TheHive
  This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.
  ☆12Updated 7 years ago
• notx11 / urlScan2Hive
  Triage automation for suspect URLs
  ☆13Updated 5 years ago
• defensivedepth / Sysmon_OSSEC
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Updated 9 years ago
• sk4la / plast
  Modular command-line threat hunting tool & framework.
  ☆17Updated 4 years ago
• yeti-platform / pyeti
  Python bindings for Yeti's API
  ☆18Updated last year
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 7 years ago
• nogoodconfig / pyarascanner
  A simple many-rules to many-files YARA scanner for incident response or malware zoos.
  ☆26Updated 6 years ago
• DearBytes / Opensource-Endpoint-Monitoring
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆34Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 5 months ago
• Stahlz / CertWatcher
  CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set and forget service that will send you a daily report …
  ☆11Updated 4 years ago