Alternatives and similar repositories for networkforensics

Users that are interested in networkforensics are comparing it to the libraries listed below

• SecurityNik / SUWtHEh-
  Learning by Practising - Hack & Detect - A Practical Guide to Hacking and its Detection via network forensics
  ☆78Updated last year
• TheHive-Project / DigitalShadows2TH
  DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆38Updated 6 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆35Updated 5 months ago
• shr3ddersec / ThreatHunting
  Reference sheet for Threat Hunting Professional Course
  ☆25Updated 6 years ago
• TheHive-Project / Zerofox2TH
  Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆38Updated 5 years ago
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆53Updated 3 years ago
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆89Updated last year
• DFIRmadness / infosec-fortress
  A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…
  ☆54Updated 3 years ago
• adhdproject / awesome-active-defense
  an awesome list of active defense resources
  ☆123Updated 5 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆103Updated last year
• Security-Onion-Solutions / securityonion-docs
  ☆89Updated last week
• corelight / threat-hunting-guide
  ☆51Updated 3 years ago
• threat-hunting / awesome-threat-intelligence
  A curated list of Awesome Threat Intelligence resources
  ☆46Updated 6 years ago
• mytechnotalent / Zeek-Network-Security-Monitor
  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…
  ☆62Updated 2 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 6 years ago
• P3t3rp4rk3r / Threat_Intelligence
  Threat-Intelligence Feeds & Tools & Frameworks
  ☆219Updated last year
• weslambert / securityonion-misp
  ☆36Updated 4 years ago
• mayhemiclabs / weblabyrinth
  A system that creates a bogus web structure to entrap and delay web scanners
  ☆60Updated 4 years ago
• andreafortuna / autotimeliner
  Automagically extract forensic timeline from volatile memory dump
  ☆131Updated last year
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆87Updated 6 months ago
• BushidoUK / CTI-Lexicon
  Dictionary of CTI-related acronyms, terms, and jargon
  ☆143Updated last year
• andreafortuna / malhunt
  Hunt malware with Volatility
  ☆47Updated last week
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆34Updated 2 years ago
• michaelhidalgo / attack-to-elk
  This program exports MITRE ATT&CK framework in ELK dashboard
  ☆79Updated 2 years ago
• mosse-security / threat-hunting-samples
  Three datasets to practice Threat Hunting against.
  ☆46Updated last year
• sans-blue-team / sec530-wiki
  ☆54Updated 4 years ago
• center-for-threat-informed-defense / caldera_pathfinder
  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…
  ☆126Updated 3 months ago
• AJMartel / IRTriage
  Incident Response Triage - Windows Evidence Collection for Forensic Analysis
  ☆134Updated 9 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Updated 3 years ago