Alternatives and similar repositories for spl-parser

Users that are interested in spl-parser are comparing it to the libraries listed below

• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆56Updated 3 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆17Updated last year
• chronicle / api-samples-python
  Python samples and utilities for Chronicle APIs
  ☆88Updated 3 months ago
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆74Updated 2 weeks ago
• runreveal / sigmalite
  ☆51Updated last month
• grapl-security / grapl-analyzers
  Hosted analyzers built for Grapl
  ☆14Updated 3 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆136Updated last year
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆38Updated 3 years ago
• OpenCTI-Platform / datasets
  OpenCTI datasets
  ☆29Updated 2 months ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆39Updated 5 months ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆24Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated last year
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆17Updated 5 years ago
• Xyrodileas / misp-k8s
  Automated deployment of MISP and MISP-Dashboard via K8S and AWS
  ☆19Updated 6 years ago
• cyentific-rni / stix2.1-coa-playbook-extension
  A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
  ☆23Updated 2 years ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆90Updated 2 weeks ago
• center-for-threat-informed-defense / sightings_ecosystem
  Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…
  ☆38Updated 8 months ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆85Updated 2 years ago
• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆65Updated last year
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 3 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 3 months ago
• mitre / stockpile
  A CALDERA plugin
  ☆79Updated last week
• anelshaer / Remote-Linux-Triage-Collection-using-OSquery
  Remotely collect linux live forensics artifacts.
  ☆14Updated 3 years ago
• priamai / sigmatau
  An extension of the sigma standard to include security metrics.
  ☆15Updated 2 years ago
• opencybersecurityalliance / kestrel-huntbook
  This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
  ☆36Updated 2 years ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆10Updated 2 years ago
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆33Updated last year
• oasis-tcs / cacao
  OASIS CACAO TC: Official repository for work of the CACAO TC https://github.com/oasis-tcs/cacao
  ☆31Updated 2 years ago