Alternatives and similar repositories for blackcert

Users that are interested in blackcert are comparing it to the libraries listed below

• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆78Updated 3 years ago
• da667 / AutoMISP
  automate your MISP installs
  ☆68Updated 5 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆20Updated 3 years ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆73Updated 2 years ago
• notx11 / urlScan2Hive
  Triage automation for suspect URLs
  ☆13Updated 6 years ago
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆60Updated 2 months ago
• onyphe / pyonyphe
  ☆15Updated 3 years ago
• weslambert / securityonion-misp
  ☆36Updated 4 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆77Updated 4 years ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆53Updated 3 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Updated 7 years ago
• cudeso / tools
  Different tools, koen.vanimpe@cudeso.be
  ☆136Updated 3 weeks ago
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆68Updated 2 years ago
• defensivedepth / Pertinax
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Updated last year
• 3c7 / yaramanager
  Simple yara rule manager
  ☆66Updated 2 years ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆50Updated last month
• philhagen / ip2geo
  Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses
  ☆101Updated 5 years ago
• xme / SANS-ISC
  Data related to the SANS Internet Storm Center
  ☆11Updated 3 weeks ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆111Updated 2 weeks ago
• sroberts / jager
  Hunting IOCs all day every day...
  ☆86Updated last year
• TheHive-Project / Cortex4py
  Python API Client for Cortex
  ☆32Updated 3 years ago
• 00010111 / smbtimeline
  ☆35Updated 9 months ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 2 years ago
• sans-blue-team / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆43Updated 8 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated 2 years ago
• csababarta / volatility_plugins
  Volatility plugins created by the author
  ☆44Updated 9 years ago
• mgreen27 / Invoke-LiveResponse
  Invoke-LiveResponse
  ☆149Updated 3 years ago
• cocaman / urlhaus
  ☆28Updated last month