Alternatives and similar repositories for CICAT

Users that are interested in CICAT are comparing it to the libraries listed below

• cyentific-rni / stix2.1-coa-playbook-extension
  A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
  ☆23Updated last year
• oasis-open / cti-stix-generator
  OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…
  ☆41Updated last year
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• amzn / zeek-plugin-tds
  Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol
  ☆24Updated last year
• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆31Updated last month
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆21Updated 7 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 3 years ago
• sans-blue-team / course_indices
  Indices for courses in SANS' Network Security Operations curriculum
  ☆16Updated 9 years ago
• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Updated 3 years ago
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆65Updated last year
• cutaway-security / ROSA_Jumpkit
  Remote / Onsite Security Assessment Jumpkit
  ☆39Updated last year
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆35Updated 2 years ago
• CanTopay / thehive-playbook-creator
  A script to create and assign SOP tasks into the cases
  ☆20Updated 4 years ago
• opencybersecurityalliance / documentation
  OCA-wide documentation shared by all sub-projects and repositories
  ☆33Updated 7 months ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• opencybersecurityalliance / kestrel-analytics
  This repository hosts community contributed Kestrel analytics
  ☆17Updated last year
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• cisagov / icsnpp-bacnet
  Zeek BACnet Parser - CISA ICSNPP
  ☆20Updated 2 months ago
• JHUAPL / Low-Regret-Methodology
  ☆28Updated 4 years ago
• smartgridadsc / Goose-protocol-parser-for-Zeek-IDS
  ☆21Updated 3 years ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated this week
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated last year
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• mitre / human
  Caldera plugin to deploy "humans" to emulate user behavior on systems
  ☆28Updated last year
• idaholab / EMV
  Exploit, Malware and Vulnerability Scoring Application
  ☆13Updated last year
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• sans-blue-team / sec455-wiki
  ☆30Updated 6 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• mnemonic-no / provreq
  Adversary Emulation Planner
  ☆39Updated 11 months ago
• weslambert / securityonion-misp
  ☆35Updated 4 years ago