Alternatives and similar repositories for docker-sift:

Users that are interested in docker-sift are comparing it to the libraries listed below

• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• Kathayra / threathuntingmaturitymodel
  Build your own threat hunting maturity model
  ☆11Updated 7 years ago
• ThreatResponse / threatresponse_web
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Updated 8 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 4 years ago
• defensivedepth / Sysmon_OSSEC
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Updated 9 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• ministryofpromise / splunk2resilient
  splunk alert script to create resilient tickets
  ☆10Updated 8 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 9 years ago
• idiom / IRScripts
  Incident Response Scripts
  ☆30Updated 4 years ago
• jaegeral / FireMISP
  FireEye Alert json files to MISP Malware information sharing plattform (Alpha)
  ☆32Updated 7 years ago
• jheise / threatcmd
  Cli interface to threatcrowd.org
  ☆19Updated 7 years ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆22Updated 7 years ago
• gburkle / Stalker
  Threat Intel and Incident Reponse
  ☆10Updated 6 years ago
• MISP / misp-vagrant
  Deploy MISP Project software with Vagrant.
  ☆43Updated 4 years ago
• EmergingThreats / cuckoo-1.1
  cuckoo-1.1 fork with suricata/moloch/clamav and other goodies
  ☆23Updated 9 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 7 years ago
• kidcrash22 / Sysmon-Threat-Intel
  ☆12Updated 6 years ago
• coolacid / logstash-filter-virustotal
  Virustotal Lookup filter for Logstash
  ☆16Updated 7 years ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 7 years ago
• n3l5 / irCRpull
  irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…
  ☆13Updated 9 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆20Updated 2 years ago
• c2defense / windows-event-collection
  Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model
  ☆12Updated 4 years ago
• LogRhythm-Labs / VirusTotal
  VirusTotal SIEM Integration and Automation
  ☆18Updated 8 years ago
• chaoticmachinery / mass_triage_tools
  Mass Triage Tools
  ☆20Updated 6 months ago
• brianwarehime / otx_transforms
  Transforms for the AlienVault OTX service
  ☆39Updated 8 years ago
• PwCUK-CTO / OperationCloudHopper
  Indicators of compromise relating to our report on APT10's targeting of global MSPs
  ☆10Updated 7 years ago
• sans-blue-team / course_indices
  Indices for courses in SANS' Network Security Operations curriculum
  ☆15Updated 8 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 5 years ago
• devgc / SrumMonkey
  Tool to parse SRU database
  ☆24Updated 6 years ago
• z3ndrag0n / forensicator-fate
  Bringing DevOps to Forensics
  ☆34Updated 9 years ago