Alternatives and similar repositories for docker-sift

Users that are interested in docker-sift are comparing it to the libraries listed below

• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆29Updated 2 years ago
• danielguerra69 / bro-debian-elasticsearch
  bro on debian with elasticsearch support
  ☆24Updated 8 years ago
• defensivedepth / Sysmon_OSSEC
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Updated 10 years ago
• jaegeral / awesome-incident-response-pro-bono
  This repository is a curated list of pro bono incident response entities.
  ☆21Updated 2 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆58Updated 10 years ago
• Security-Onion-Solutions / securityonion-elastic
  Security Onion Elastic Stack
  ☆46Updated 5 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆41Updated 5 years ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 8 years ago
• target / attack-navigator-docker
  A simple Docker container that serves the MITRE ATT&CK Navigator web app
  ☆27Updated 2 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 8 years ago
• jaegeral / FireMISP
  FireEye Alert json files to MISP Malware information sharing plattform (Alpha)
  ☆32Updated 8 years ago
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆18Updated 12 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆40Updated last year
• AlmCo / Panorama
  Fast incident overview
  ☆41Updated 8 years ago
• AlienVault-OTX / ThreatCrowd-Maltego
  Maltego transforms for the ThreatCrowd search API
  ☆47Updated 7 years ago
• sroberts / threat-intel-templates
  A set of templates for documenting threat intelligence
  ☆75Updated 12 years ago
• ciscocsirt / dhp
  Simple Docker Honeypot server emulating small snippets of the Docker HTTP API
  ☆33Updated 5 years ago
• SMAPPER / NXLog-AutoConfig
  ☆50Updated 5 years ago
• Cyb3rWard0g / CyberWardogLab
  A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…
  ☆56Updated 8 years ago
• da667 / AutoMISP
  automate your MISP installs
  ☆68Updated 5 years ago
• Invoke-IR / PowerForensicsPortable
  ☆33Updated last year
• weslambert / securityonion-strelka
  ☆13Updated 6 years ago
• oneoffdallas / check_ioc
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆79Updated 8 years ago
• ThreatResponse / threatresponse_web
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Updated 9 years ago
• Cyb3rWard0g / presentations
  Presentation Slides and Video links
  ☆32Updated 4 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆56Updated 5 years ago
• SecurityNik / QRadar---Threat-Intelligence-On-The-Cheap
  Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs
  ☆69Updated 4 years ago
• MISP / MISPego
  Maltego Transform to put entities into MISP events
  ☆28Updated 4 years ago
• WiredPulse / AutomatedProfiler
  Automated forensics written in PowerShell
  ☆34Updated 6 years ago
• bromiley / tools
  Various tools and scripts
  ☆43Updated 3 years ago