Alternatives and similar repositories for kunai:

Users that are interested in kunai are comparing it to the libraries listed below

• aquasecurity / traceeshark
  Deep Linux runtime visibility meets Wireshark
  ☆259Updated last week
• activecm / rita
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆236Updated last week
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 7 months ago
• vulnerability-lookup / vulnerability-lookup
  Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…
  ☆208Updated this week
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆190Updated last week
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆743Updated this week
• dfir-dd / dfir-toolkit
  CLI tools for forensic investigation of Windows artifacts
  ☆324Updated 3 months ago
• Yamato-Security / hayabusa-rules
  Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
  ☆156Updated this week
• mitre / caldera-ot
  MITRE Caldera™ for OT Plugins & Capabilities
  ☆202Updated 2 months ago
• volexity / threat-intel
  Signatures and IoCs from public Volexity blog posts.
  ☆348Updated this week
• jatrost / awesome-detection-rules
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆280Updated 9 months ago
• Censys-Research / censeye
  ☆124Updated last week
• PaloAltoNetworks / Unit42-timely-threat-intel
  A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…
  ☆234Updated this week
• k1nd0ne / VolWeb
  A centralized and enhanced memory analysis platform
  ☆429Updated last week
• SigmaHQ / pySigma
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆427Updated 2 weeks ago
• CERT-Polska / karton
  Distributed malware processing framework based on Python, Redis and S3.
  ☆401Updated 3 weeks ago
• VirusTotal / yara-x
  A rewrite of YARA in Rust.
  ☆710Updated this week
• MISP / misp-playbooks
  MISP Playbooks
  ☆183Updated this week
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆199Updated last year
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆145Updated 4 months ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆84Updated 6 months ago
• M00NLIG7 / ChopChopGo
  Rapidly Search and Hunt through Linux Forensics Artifacts
  ☆189Updated last year
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆343Updated last month
• muchdogesec / awesome_threat_intel_blogs
  A curated list of Awesome Threat Intelligence Blogs
  ☆368Updated last week
• UncoderIO / Uncoder_IO
  An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
  ☆139Updated 2 weeks ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆518Updated this week
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆144Updated 3 weeks ago
• facebookincubator / TTPForge
  The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).
  ☆355Updated this week
• 0x4D31 / detection-and-response-pipeline
  ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …
  ☆268Updated last year
• Aegrah / PANIX
  Customizable Linux Persistence Tool for Security Research and Detection Engineering.
  ☆532Updated last week