Alternatives and similar repositories for CEFly

Users that are interested in CEFly are comparing it to the libraries listed below

• BechtelCIRT / beholder
  Beholder is a shell script which installs and configures essentials to peer into your network activity.
  ☆19Updated 8 years ago
• jonschipp / mal-dnssearch
  Compare multiple log formats against malware reputation lists.
  ☆88Updated 8 years ago
• et0x / Incident-Response
  ☆36Updated 9 years ago
• TravisFSmith / MyBroElk
  Scripts for Bro IDS and ELK Stack
  ☆57Updated 10 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 6 years ago
• BinaryDefense / auto-ossec
  ☆142Updated last year
• rocknsm / rock-createiso
  Scripts used to create ISO installers of ROCK for offline installation.
  ☆10Updated 2 years ago
• SplunkSec / .conf2015
  Splunk app to support presentation at .conf2015 on free security tools and Splunk
  ☆10Updated 10 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 10 years ago
• paulpc / nyx
  Threat Intelligence distribution
  ☆30Updated 9 years ago
• oneoffdallas / check_ioc
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆80Updated 7 years ago
• P1llus / ArcSight-Rest
  Python library for the ArcSight logger REST API
  ☆27Updated 4 years ago
• MISP / ansible
  MISP - Ansible installation script
  ☆22Updated 6 years ago
• exp0se / harbinger
  Harbinger Threat Intelligence
  ☆82Updated 9 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 7 years ago
• hashtagcyber / bropy
  Basic Anomaly IDS capabilities with Python and Bro
  ☆105Updated 7 years ago
• n3l5 / irFARTpull
  PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
  ☆51Updated 7 years ago
• 0xd34db33f / gfyp
  Unification of dnstwist + SQLite + Email reporting. Set it as a cron job that runs every hour, give it a list of domains and email addres…
  ☆67Updated 7 years ago
• kamushadenes / cefevent
  ArcSight's Common Event Format library
  ☆39Updated 2 years ago
• cudeso / cudeso-honeypot
  Honeypot repo
  ☆48Updated 10 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆47Updated 7 years ago
• zeek / cheat-sheet
  The Bro/Zeek language cheat sheet
  ☆53Updated 12 years ago
• Tripwire / TARDIS
  Threat Analysis, Reconnaissance, and Data Intelligence System
  ☆125Updated 10 years ago
• IBM / data-import
  ☆48Updated 9 years ago
• jonschipp / ISLET
  Isolated, Scalable, & Lightweight Environment for Training
  ☆111Updated 6 years ago
• certsocietegenerale / event2timeline
  Simple Microsoft Windows sessions event logs visualization
  ☆153Updated 3 years ago
• thnyheim / misp2bro
  Python script that gets IOC from MISP and converts it into BRO intel files.
  ☆13Updated 9 years ago
• CIRCL / pystemon
  Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
  ☆44Updated 4 years ago
• cvandeplas / ELK-forensics
  ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)
  ☆179Updated 6 years ago
• sooshie / scrape_pdf
  Python script to pull various IOCs from PDFs
  ☆15Updated 10 years ago