Alternatives and similar repositories for phantom-test-harness

Users that are interested in phantom-test-harness are comparing it to the libraries listed below

• ryanplasma / awesome-splunk-phantom
  A collection of awesome resources built for and around the Splunk Phantom platform.
  ☆15Updated 5 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆35Updated 6 years ago
• ministryofpromise / splunk2resilient
  splunk alert script to create resilient tickets
  ☆10Updated 9 years ago
• corelight / detect-ransomware-filenames
  ☆17Updated 8 months ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Updated 2 years ago
• UNIT777 / Email2TheHive
  This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.
  ☆12Updated 8 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• ExabeamLabs / Synopsis
  Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.
  ☆21Updated 6 years ago
• rkovar / splunk-hunting-helpers
  ☆55Updated 3 years ago
• ctxis / cbrcli
  Command line interface to Carbon Black Response
  ☆38Updated 5 years ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆27Updated 5 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆47Updated 7 years ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 8 years ago
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated 11 months ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 4 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆78Updated 3 years ago
• vi-or-die / TheHive4PS
  Powershell Functions to interact with TheHive-Project
  ☆11Updated 6 years ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆73Updated 3 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• timfrazier1 / AdversarySimulation
  Compilation of resources to help with Adversary Simulation automation harness
  ☆100Updated 5 years ago
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆66Updated 2 years ago
• awhogan / CSIntel
  CrowdStrike Threat Intelligence
  ☆36Updated 2 years ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 5 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 3 years ago
• weslambert / securityonion-misp
  ☆36Updated 4 years ago
• sans-blue-team / course_indices
  Indices for courses in SANS' Network Security Operations curriculum
  ☆16Updated 9 years ago
• jordisk / TheHive2Sigma
  Python script to automatically create sigma rules from The hive observables
  ☆25Updated 6 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 6 years ago
• CIRCL / yara-validator
  Validates yara rules and tries to repair the broken ones.
  ☆40Updated 5 years ago