Alternatives and similar repositories for CTI:

Users that are interested in CTI are comparing it to the libraries listed below

• MISP / misp-docker
  A production ready Dockered MISP
  ☆204Updated this week
• PaloAltoNetworks / Unit42-timely-threat-intel
  A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…
  ☆237Updated this week
• JMousqueton / ransomware.live
  🏴‍☠️💰 Another Ransomware gang tracker
  ☆177Updated this week
• NUKIB / misp
  Docker image for MISP
  ☆122Updated last month
• cert-orangecyberdefense / ransomware_map
  Map tracking ransomware, by OCD World Watch team
  ☆425Updated 5 months ago
• weslambert / velociraptor-docker
  Docker image for Velocidex Velociraptor
  ☆118Updated 7 months ago
• Bert-JanP / Open-Source-Threat-Intel-Feeds
  This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…
  ☆637Updated 3 weeks ago
• GossiTheDog / Monitoring
  ☆40Updated last month
• center-for-threat-informed-defense / cti-blueprints
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆224Updated last year
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆246Updated 3 weeks ago
• google / dfiq
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆271Updated last month
• Cisco-Talos / IOCs
  Indicators of Compromise
  ☆182Updated 3 weeks ago
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆193Updated 3 months ago
• MISP / misp-playbooks
  MISP Playbooks
  ☆184Updated last week
• CriticalPathSecurity / Zeek-Intelligence-Feeds
  Zeek-Formatted Threat Intelligence Feeds
  ☆352Updated this week
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆122Updated 3 years ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆128Updated last week
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆82Updated 3 months ago
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆88Updated 2 months ago
• Casualtek / Cyberwatch
  Building a consolidated RSS feed for articles about cyberattacks
  ☆65Updated this week
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆192Updated last week
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆149Updated 3 months ago
• Yamato-Security / EnableWindowsLogSettings
  Documentation and scripts to properly enable Windows event logs.
  ☆588Updated last year
• BushidoUK / CTI-Analyst-Challenge
  An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.
  ☆194Updated 7 months ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆522Updated this week
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆56Updated last week
• docintelapp / DocIntel
  Open Source Platform for storing, organizing, and searching documents related to cyber threats
  ☆162Updated last year
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆183Updated this week
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆151Updated 9 months ago
• guardsight / gsvsoc_cirt-playbook-battle-cards
  Cyber Incident Response Team Playbook Battle Cards
  ☆370Updated 9 months ago