Alternatives and similar repositories for xsoar-md

Users that are interested in xsoar-md are comparing it to the libraries listed below

• P1llus / ArcSight-Rest
  Python library for the ArcSight logger REST API
  ☆27Updated 3 years ago
• rkovar / splunk-hunting-helpers
  ☆55Updated 3 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 4 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆19Updated last year
• da667 / AutoMISP
  automate your MISP installs
  ☆68Updated 4 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 5 years ago
• georgestarcher / Splunk-ESIntel-KVStore
  Splunk csv to KVStore ES Threat Intel
  ☆11Updated 8 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆73Updated 7 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• ncsa / bro-doctor
  ☆23Updated 5 years ago
• daveherrald / scansio-sonar-splunk
  Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…
  ☆19Updated last week
• hire-vladimir / SA-NetOps
  Allows for MAC address to vendor mapping in Splunk
  ☆16Updated last year
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• phantomcyber / phantom-community-projects
  This repo represents work the Phantom Community collaborates on to build apps and learn.
  ☆12Updated 4 years ago
• splunk / TA-osquery
  A Splunk technology add-on for osquery
  ☆14Updated 4 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 3 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• EmersonElectricCo / pyFireEye
  Python API bindings for FireEye Products
  ☆13Updated 4 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆21Updated 3 years ago
• rocknsm / rock-dashboards
  Dashboards and loader for ROCK NSM dashboards
  ☆48Updated 2 years ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆22Updated 7 years ago
• georgestarcher / Splunk-Alert
  Example Splunk Alert Scripts
  ☆20Updated 10 years ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆110Updated last month
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 3 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆46Updated 6 years ago
• rocknsm / docket
  A RESTful API frontend for Stenographer
  ☆54Updated 2 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated 2 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 7 years ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 4 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆20Updated 3 years ago