Alternatives and similar repositories for kunai:

Users that are interested in kunai are comparing it to the libraries listed below

• aquasecurity / traceeshark
  Deep Linux runtime visibility meets Wireshark
  ☆255Updated this week
• YARAHQ / yara-forge
  Automated YARA Rule Standardization and Quality Assurance Tool
  ☆179Updated last week
• dfir-dd / dfir-toolkit
  CLI tools for forensic investigation of Windows artifacts
  ☆321Updated 2 months ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 6 months ago
• Yamato-Security / hayabusa-rules
  Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
  ☆149Updated this week
• cve-search / vulnerability-lookup
  Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…
  ☆184Updated this week
• SigmaHQ / pySigma
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆419Updated this week
• activecm / rita
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆230Updated this week
• k1nd0ne / VolWeb
  A centralized and enhanced memory analysis platform
  ☆404Updated last month
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆198Updated last year
• jatrost / awesome-detection-rules
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆277Updated 8 months ago
• volexity / threat-intel
  Signatures and IoCs from public Volexity blog posts.
  ☆345Updated last month
• M00NLIG7 / ChopChopGo
  Rapidly Search and Hunt through Linux Forensics Artifacts
  ☆183Updated last year
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆141Updated 3 weeks ago
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆175Updated 3 weeks ago
• VirusTotal / yara-x
  A rewrite of YARA in Rust.
  ☆693Updated this week
• cado-security / varc
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…
  ☆252Updated 2 months ago
• Aegrah / PANIX
  Customizable Linux Persistence Tool for Security Research and Detection Engineering.
  ☆496Updated 2 weeks ago
• mitre / caldera-ot
  MITRE Caldera™ for OT Plugins & Capabilities
  ☆202Updated 2 months ago
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆145Updated 3 months ago
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆730Updated this week
• PaloAltoNetworks / Unit42-timely-threat-intel
  A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…
  ☆219Updated this week
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆243Updated 8 months ago
• Nirusu / how-to-setup-a-honeypot
  How to setup a honeypot with an IDS, ELK and TLS traffic inspection
  ☆154Updated 2 years ago
• Censys-Research / censeye
  ☆121Updated this week
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆84Updated 5 months ago
• vm32 / Digital-Forensics-Script-for-Linux
  Advanced Bash script designed for conducting digital forensics on Linux systems
  ☆138Updated 9 months ago
• MISP / misp-playbooks
  MISP Playbooks
  ☆182Updated last month
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆166Updated 2 months ago
• google / dfiq
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆266Updated this week