Alternatives and similar repositories for pyinvestigate

Users that are interested in pyinvestigate are comparing it to the libraries listed below

• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• PUNCH-Cyber / stoq-plugins-public
  stoQ Public Plugins
  ☆71Updated 2 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 6 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• csirtgadgets / bearded-avenger-deploymentkit
  CIFv3 DeploymentKit
  ☆64Updated 5 years ago
• QTek / QRadio
  QRadio ~ Best Threat Intelligence Radio ~ Tune In!
  ☆96Updated 9 years ago
• aboutsecurity / Bro-samples
  Network Forensics Bro scripts & pcap samples
  ☆63Updated 11 years ago
• certtools / intelmq-manager
  IntelMQ Manager is a graphical interface to manage configurations for IntelMQ framework.
  ☆105Updated 3 weeks ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆53Updated 3 years ago
• sroberts / threat-intel-templates
  A set of templates for documenting threat intelligence
  ☆75Updated 12 years ago
• securityclippy / elasticintel
  Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
  ☆141Updated 2 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆182Updated 2 years ago
• automayt / FlowPlotter
  Generates visualizations from the output of flow tools such as SiLK.
  ☆35Updated 8 years ago
• CIRCL / pystemon
  Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
  ☆44Updated 4 years ago
• hashtagcyber / bropy
  Basic Anomaly IDS capabilities with Python and Bro
  ☆105Updated 7 years ago
• ciscocsirt / netsarlacc
  ☆38Updated 7 years ago
• opendns / og-miner
  OpenDNS Graph Miner
  ☆45Updated 8 years ago
• xme / misp-docker
  Docker container for MISP
  ☆96Updated 7 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆110Updated 7 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆88Updated 6 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆29Updated 2 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆54Updated this week
• CIRCL / url-abuse
  URL Abuse - A Versatile Software for URL review, analysis and black-list reporting
  ☆145Updated 2 years ago
• philhagen / ip2geo
  Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses
  ☆102Updated 5 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆38Updated 11 months ago
• hosom / bro-otx
  Integrate Zeek with Alienvault OTX
  ☆25Updated 5 years ago
• abusesa / abusehelper
  A framework for receiving and redistributing abuse feeds
  ☆124Updated 5 years ago
• rocknsm / rock-scripts
  Bro scripts for the ROCK platform. http://rocknsm.io
  ☆34Updated 2 years ago
• zeek / cheat-sheet
  The Bro/Zeek language cheat sheet
  ☆53Updated 12 years ago
• jpsenior / threataggregator
  Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc…
  ☆82Updated 9 years ago