Alternatives and similar repositories for CTI:

Users that are interested in CTI are comparing it to the libraries listed below

• NUKIB / misp
  Docker image for MISP
  ☆124Updated last week
• GossiTheDog / Monitoring
  ☆41Updated 2 months ago
• xsa / infosec-events
  List of past and future infosec related events.
  ☆143Updated this week
• magicsword-io / LOLRMM
  LotL RMM
  ☆155Updated last week
• Cisco-Talos / IOCs
  Indicators of Compromise
  ☆189Updated this week
• JMousqueton / ransomware.live
  🏴‍☠️💰 Another Ransomware gang tracker
  ☆186Updated last week
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆186Updated last week
• center-for-threat-informed-defense / cti-blueprints
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆235Updated 2 weeks ago
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆193Updated last week
• MISP / misp-playbooks
  MISP Playbooks
  ☆189Updated last month
• cert-orangecyberdefense / ransomware_map
  Map tracking ransomware, by OCD World Watch team
  ☆463Updated 3 weeks ago
• MISP / misp-docker
  A production ready Dockered MISP
  ☆219Updated this week
• CERT-Polska / mailgoose
  A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly.
  ☆141Updated 3 weeks ago
• CriticalPathSecurity / Zeek-Intelligence-Feeds
  Zeek-Formatted Threat Intelligence Feeds
  ☆358Updated this week
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆244Updated 11 months ago
• activecm / rita
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆270Updated 2 weeks ago
• PaloAltoNetworks / Unit42-timely-threat-intel
  A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…
  ☆276Updated last week
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆125Updated 3 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆71Updated 4 months ago
• THORCollective / HEARTH
  A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …
  ☆217Updated 2 weeks ago
• activecm / threat-tools
  Tools for simulating threats
  ☆183Updated last year
• nasbench / SIGMA-Resources
  Resources To Learn And Understand SIGMA Rules
  ☆174Updated 2 years ago
• madirish / ossocdocs
  Open Source Security Operations Center Documentation
  ☆168Updated last week
• hevnsnt / Awesome_Incident_Response
  Awesome Incident Response
  ☆269Updated 11 months ago
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆147Updated last month
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆150Updated 4 months ago
• Bert-JanP / Open-Source-Threat-Intel-Feeds
  This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…
  ☆655Updated 2 months ago
• ail-project / lacus
  Lacus is a capturing system using playwright, as a web service.
  ☆61Updated last week
• SigmaHQ / pySigma-backend-elasticsearch
  pySigma Elasticsearch backend
  ☆50Updated this week
• thinkst / canary-utils
  Collection of useful Canary tools
  ☆77Updated last week