Alternatives and similar repositories for awesome-ml-for-threat-detection:

Users that are interested in awesome-ml-for-threat-detection are comparing it to the libraries listed below

• nccgroup / JA3_outlier
  Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes
  ☆15Updated 2 years ago
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 3 years ago
• TobySalusky / cont3xt
  Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…
  ☆37Updated last year
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Updated 4 years ago
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆40Updated 4 months ago
• WithSecureLabs / FLAIR
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆16Updated 3 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆24Updated 8 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• HASecuritySolutions / WECComputerGroupMgmt
  ☆11Updated 3 years ago
• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Updated 2 years ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆31Updated 5 years ago
• ruppde / yara_rules
  Yara rules
  ☆21Updated 2 years ago
• honeydbio / honeydb-python
  HoneyDB Python Module
  ☆13Updated last year
• anubhavsaxena14 / Threat-Detection-using-Sentiment-Analysis
  Threat Detection System using Hybrid (Machine Learning + Lexical Analysis) learning Approach.
  ☆11Updated 7 years ago
• jstnk9 / ETW-Almulahaza
  ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  ☆13Updated 2 years ago
• lucky-luk3 / Infosec_Notebooks
  ☆21Updated last year
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 5 months ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆19Updated 4 years ago
• capesstack / capes-docker
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆14Updated 3 years ago
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆21Updated 7 years ago
• mohlcyber / OpenDXL-ATD-MAR-Elasticsearch
  Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana
  ☆10Updated 6 years ago
• elastic / sans-dfir-2022
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Updated 2 months ago
• BushidoUK / Malware-Zoo
  Hashes of infamous malware
  ☆26Updated last year
• CybercentreCanada / assemblyline-service-cuckoo
  Assemblyline 4 Malware detonation service (Cuckoo)
  ☆17Updated last year
• rj-chap / BaselineTraining
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆12Updated 6 years ago
• The-DFIR-Report / Suricata-Rules
  ☆11Updated last year
• tropChaud / Categorized-Adversary-TTPs
  Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…
  ☆53Updated 2 years ago
• cado-security / CloudAndContainerCompromiseSimulator
  Simulates a compromise in a cloud and container environment
  ☆32Updated 4 months ago