Alternatives and similar repositories for JA3_outlier

Users that are interested in JA3_outlier are comparing it to the libraries listed below

• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 3 years ago
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 2 years ago
• nccgroup / yaml2yara
  Generate bulk YARA rules from YAML input
  ☆22Updated 5 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated last year
• 2igosha / sunburst_dga
  ☆22Updated 4 years ago
• aaronst / talks
  Presentation materials for talks I've given.
  ☆20Updated 5 years ago
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Updated 4 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• mohlcyber / MISP-MVISION-EDR
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Updated 3 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆27Updated 5 years ago
• nasbench / Awesome-Detection-Engineering
  Resources and Discussions About Detection Engineering
  ☆12Updated 2 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• g-les / macho_similarity
  Conceptual Methods for Finding Commonalities in Macho Files
  ☆12Updated last year
• tasox / Epimitheus
  Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.
  ☆19Updated 3 years ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆19Updated 4 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 8 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 6 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• ruppde / yara_rules
  Yara rules
  ☆21Updated 2 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 4 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• SentineLabs / TrickBot-Anchor
  This is a repository for the public blog with Labs indicators of compromise.
  ☆10Updated 5 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 10 months ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆32Updated 6 years ago
• MISP / misp-sighting-server
  MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…
  ☆15Updated last year