Alternatives and similar repositories for CISA_Enrichment

Users that are interested in CISA_Enrichment are comparing it to the libraries listed below

• jgamblin / cve.icu
  CVE.ICU code.
  ☆42Updated this week
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆51Updated last month
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 2 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 3 years ago
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆22Updated last year
• swimlane / pyattck-data
  This repository contains generated contextual data utilized by pyattck.
  ☆19Updated 3 months ago
• NVISOsecurity / nviso-cti
  ☆42Updated last year
• nasbench / Awesome-Detection-Engineering
  Resources and Discussions About Detection Engineering
  ☆12Updated 2 years ago
• tropChaud / webpage2attack
  Generate portable TTP intelligence from a web-based report
  ☆31Updated 2 years ago
• adulau / HHHash
  HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.
  ☆77Updated last year
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• SCS-Labs / TheWatchList
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16Updated 4 years ago
• caschnee / misp-use-cases
  ☆14Updated 7 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 3 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• afxdub / http-screenshot-html
  NMAP NSE script that scans for http(s) server, takes a screenshot of them, and organizes the results into an HTML report.
  ☆27Updated 10 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• sourcefrenchy / goqrexfil
  A mini project to exfiltrate data via QR codes
  ☆19Updated last week
• sourcefrenchy / spotexfil
  A simple way to exfiltrate data using spotify API
  ☆18Updated last month
• akamai / luda
  Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs …
  ☆75Updated last year
• huydhn / certstream-analytics
  certstream + analytics
  ☆11Updated 5 years ago
• qeeqbox / octopus
  Pure Honeypots with an automated bash script
  ☆20Updated 3 years ago
• eremit4 / cs-discovery
  Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
  ☆22Updated 9 months ago
• optiv / Yara-Rules
  ☆9Updated 4 years ago
• blacklanternsecurity / zmap-asset-inventory
  Python script which takes internal asset inventory at scale using zmap. Outputs to CSV.
  ☆21Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago