Alternatives and similar repositories for threat-team

Users that are interested in threat-team are comparing it to the libraries listed below

• ThreatMon / ThreatMon-Daily-C2-Feeds
  IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.
  ☆68Updated last year
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆75Updated this week
• blacklotuslabs / IOCs
  IOCs published by Black Lotus Labs
  ☆124Updated last month
• korniko98 / pivot-atlas
  ☆100Updated this week
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆150Updated last year
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆71Updated 2 years ago
• telekom-security / malware_analysis
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆119Updated 2 years ago
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆91Updated last year
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆114Updated last year
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆125Updated last year
• JPCERTCC / MemoryForensic-on-Cloud
  Memory Forensic System on Cloud
  ☆92Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆88Updated last month
• markkcc / crxaminer
  Examine Chrome extensions for security issues
  ☆88Updated 3 weeks ago
• curated-intel / Threat-Actor-Profile-Guide
  The Threat Actor Profile Guide for CTI Analysts
  ☆115Updated 2 years ago
• mthcht / ThreatIntel-Reports
  Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
  ☆140Updated last week
• fox-it / acquire
  acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.
  ☆112Updated 2 weeks ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated last year
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated last year
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆78Updated 2 months ago
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆99Updated 2 years ago
• intel471 / CU-GIR
  Cyber Underground General Intelligence Requirements
  ☆96Updated last year
• MISP / misp-training-lea
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆35Updated 2 years ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆140Updated last year
• referefref / honeydet
  Signature based honeypot detector tool written in Golang
  ☆107Updated 8 months ago
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆60Updated last year
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆61Updated 4 months ago
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆66Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆54Updated last month
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆120Updated 2 years ago