Alternatives and similar repositories for networkforensics:

Users that are interested in networkforensics are comparing it to the libraries listed below

• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆35Updated 2 months ago
• cisagov / ACID
  ☆68Updated 7 months ago
• corelight / threat-hunting-guide
  ☆51Updated 3 years ago
• cutaway-security / chaps
  Configuration Hardening Assessment PowerShell Script (CHAPS)
  ☆179Updated 11 months ago
• mayhemiclabs / weblabyrinth
  A system that creates a bogus web structure to entrap and delay web scanners
  ☆59Updated 3 years ago
• sans-blue-team / sec555-wiki
  ☆77Updated 5 years ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• dhoelzer / ShowMeThePackets
  Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course (https://www.sans.org/course/i…
  ☆221Updated 3 months ago
• TheHive-Project / DigitalShadows2TH
  DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆35Updated 5 years ago
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆26Updated last week
• michaelhidalgo / attack-to-elk
  This program exports MITRE ATT&CK framework in ELK dashboard
  ☆78Updated 2 years ago
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆30Updated 3 weeks ago
• mosse-security / threat-hunting-samples
  Three datasets to practice Threat Hunting against.
  ☆43Updated last year
• shr3ddersec / ThreatHunting
  Reference sheet for Threat Hunting Professional Course
  ☆25Updated 6 years ago
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆68Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆115Updated last year
• S3cur1tyH4ggis / ICS-Security-Products
  Lists of products useful for ICS security
  ☆102Updated 9 months ago
• selmux / Alhasawi-ICS-OT-Security-projetcs
  ICS security resources
  ☆98Updated last month
• marcurdy / dfir-toolset
  Dump of organized knowledge on DFIR
  ☆134Updated 3 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 3 years ago
• PacktPublishing / Practical-Threat-Detection-Engineering
  Practical Threat Detection Engineering, Published by Packt
  ☆67Updated last year
• SecurityNik / Data-Science-and-ML
  ☆35Updated this week
• annamcabee / Mitre-Attack-API
  Python module to interact with the MITRE attack framework via the MITRE API
  ☆76Updated 7 years ago
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• cisagov / ICSNPP
  Industrial Control Systems Network Protocol Parsers
  ☆162Updated 2 months ago
• 13Cubed / Abeebus
  A GeoIP lookup utility utilizing ipinfo.io services.
  ☆86Updated last year
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• icsadvprj / ICS-Advisory-Project
  The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo…
  ☆78Updated this week
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆51Updated 2 years ago