Alternatives and similar repositories for awesome-ml-for-threat-detection

Users that are interested in awesome-ml-for-threat-detection are comparing it to the libraries listed below

• nccgroup / JA3_outlier
  Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes
  ☆16Updated 3 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆35Updated 3 years ago
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆23Updated 8 years ago
• jstnk9 / ETW-Almulahaza
  ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  ☆13Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated last year
• TobySalusky / cont3xt
  Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…
  ☆37Updated last year
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 10 months ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆20Updated 4 years ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆32Updated 6 years ago
• csirt-tooling-org / tooling-directory
  Tools used by CSIRT and especially in the scope of CNW
  ☆16Updated 2 months ago
• WithSecureLabs / FLAIR
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆17Updated 4 years ago
• SCS-Labs / TheWatchList
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16Updated 4 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• honeydbio / honeydb-python
  HoneyDB Python Module
  ☆13Updated last year
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆66Updated 2 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• ail-project / ail-feeder-twitter
  External twitter feeder for AIL framework
  ☆16Updated 2 years ago
• egaus / malicious_url_analysis
  ☆18Updated 7 years ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆50Updated 2 months ago
• mohlcyber / MISP-MVISION-EDR
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Updated 3 years ago
• ail-project / ail-yara-rules
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆38Updated 6 months ago
• 3c7 / infrastructure-tracking-schema
  ☆25Updated 2 years ago
• ruppde / yara_rules
  Yara rules
  ☆22Updated 2 years ago
• ninoseki / ioc-extractor
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆58Updated last week
• elastic / sans-dfir-2022
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Updated 6 months ago
• jstnk9 / TIBER-Cases
  TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …
  ☆26Updated 3 years ago
• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆35Updated 7 months ago