Alternatives and similar repositories for firepit

Users that are interested in firepit are comparing it to the libraries listed below

• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 3 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 5 months ago
• cyentific-rni / stix2.1-coa-playbook-extension
  A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
  ☆23Updated last year
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 2 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆29Updated 2 years ago
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆23Updated 2 years ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆21Updated this week
• TracecatHQ / hunts
  🐻‍❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
  ☆11Updated last year
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆20Updated 5 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Updated 2 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• COSSAS / sacti
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆14Updated 2 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆52Updated 2 years ago
• JHUAPL / Low-Regret-Methodology
  ☆28Updated 4 years ago
• vertexproject / synapse-quickstart
  Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.
  ☆44Updated 3 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• cudeso / misp-scraper
  A web scraper to create MISP events and reports
  ☆16Updated this week
• DevoInc / sightingdb
  Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen
  ☆16Updated last year
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated this week
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• opencybersecurityalliance / kestrel-huntbook
  This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
  ☆33Updated last year
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago
• hashlookup / a-ray-grass
  a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…
  ☆14Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆35Updated 2 years ago
• cudeso / misp-training-environment
  Setting up a training environment for MISP
  ☆12Updated 2 years ago
• Velocidex / eql2vql
  Transform EQL detection rules to VQL artifacts
  ☆11Updated 3 years ago