Alternatives and similar repositories for docker-sift

Users that are interested in docker-sift are comparing it to the libraries listed below

• danielguerra69 / bro-debian-elasticsearch
  bro on debian with elasticsearch support
  ☆24Updated 8 years ago
• Security-Onion-Solutions / securityonion-elastic
  Security Onion Elastic Stack
  ☆46Updated 4 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated 2 years ago
• oneoffdallas / check_ioc
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆79Updated 7 years ago
• averagesecurityguy / blue
  Scripts that are suited for blue teams
  ☆33Updated 9 years ago
• sneakymonk3y / foxhound-nsm
  Foxhound: Blackbox - A Raspberry Pi NSM
  ☆37Updated 7 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• EmergingThreats / cuckoo-1.1
  cuckoo-1.1 fork with suricata/moloch/clamav and other goodies
  ☆23Updated 10 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆21Updated 3 years ago
• initconf / brocon-15
  brocon-15 scripts
  ☆13Updated 8 years ago
• ThreatResponse / threatresponse_web
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Updated 9 years ago
• jaegeral / awesome-incident-response-pro-bono
  This repository is a curated list of pro bono incident response entities.
  ☆20Updated 2 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 5 years ago
• exp0se / harbinger
  Harbinger Threat Intelligence
  ☆82Updated 9 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 6 years ago
• davidhowell-tx / PS-DigitalForensics
  PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts
  ☆56Updated 4 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆38Updated 10 months ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 8 years ago
• Cyb3rWard0g / presentations
  Presentation Slides and Video links
  ☆32Updated 3 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 10 years ago
• idiom / IRScripts
  Incident Response Scripts
  ☆30Updated 5 years ago
• target / attack-navigator-docker
  A simple Docker container that serves the MITRE ATT&CK Navigator web app
  ☆27Updated 2 years ago
• JamesHabben / EnCaseNetworkFramework
  This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui…
  ☆13Updated 10 years ago
• paulpc / nyx
  Threat Intelligence distribution
  ☆30Updated 9 years ago
• AnttiKurittu / kirjuri
  Kirjuri is a web application for managing cases and physical forensic evidence items.
  ☆107Updated 4 years ago
• dnlongen / Snort-DNS
  Snort rules to detect local malware, phishing, and adult content by inspecting DNS responses from OpenDNS
  ☆52Updated 8 years ago
• xme / mime2vt
  Unpack MIME attachments from a file and check them against virustotal.com
  ☆44Updated 9 years ago
• philcryer / prickly-pete
  A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER ma…
  ☆36Updated this week
• adulau / threat-intelligence.eu
  threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…
  ☆48Updated 2 years ago
• sroberts / threat-intel-templates
  A set of templates for documenting threat intelligence
  ☆75Updated 12 years ago