Alternatives and similar repositories for cradle

Users that are interested in cradle are comparing it to the libraries listed below

• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆125Updated 5 months ago
• ozanunal0 / viper
  🛡️ VIPER: Stay ahead of threats with AI-driven vulnerability intelligence. Prioritize CVEs effectively using NVD, EPSS, CISA KEV, and Go…
  ☆78Updated last month
• osintmatter / RequestShield
  RequestShield is a 100% Free and OpenSource tool designed to analyze HTTP access.logs and identify suspicious HTTP requests and potential…
  ☆104Updated 10 months ago
• arsolutioner / ExtensionHound
  A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…
  ☆180Updated 7 months ago
• curated-intel / Attribution-to-IP
  A collection of methods to learn who the owner of an IP address is.
  ☆174Updated this week
• Yamato-Security / suzaku
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆151Updated this week
• mbhatt1 / GhostLine
  Feed it a number. Your cloned voice does the social engineering, while you sip your coffee. A ghost that talks on the phone for you.
  ☆102Updated 4 months ago
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆79Updated last month
• MalBeacon / what-is-this-stealer
  A repository of credential stealer formats
  ☆227Updated 3 months ago
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆177Updated 8 months ago
• montysecurity / YaraMonitor
  Framework for Monitoring File Ingestion Source for Yara Matches
  ☆50Updated 6 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆138Updated last year
• Mickinthemiddle / CLOAK
  Knowledge base on cybercriminal concealment techniques
  ☆78Updated 4 months ago
• ekky19 / osint
  Have you ever wanted to search a link or IP address on multiple OSINT pages at once?
  ☆57Updated 2 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated last year
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆150Updated last year
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated 10 months ago
• splunk / DECEIVE
  DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!
  ☆263Updated 3 months ago
• cisagov / playbook-ng
  Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…
  ☆149Updated this week
• stripe / ft3
  FT3: Fraud Tools, Tactics, and Techniques Framework
  ☆91Updated 2 months ago
• sgInnora / sharpeye
  SharpEye: Advanced Linux Intrusion Detection and Threat Hunting System
  ☆160Updated 4 months ago
• 0xBallpoint / trapster-community
  Modern honeypot supporting multiple services, realistic website cloning, and AI-powered features
  ☆142Updated 3 weeks ago
• vectra-ai-research / Halberd
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆311Updated last month
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆35Updated 8 months ago
• hazcod / shade
  PoC shadow SaaS and insecure credential detection system using a browser extension.
  ☆40Updated last month
• Ke0xes / Detection-Engineering-Framework
  ☆72Updated 3 weeks ago
• korniko98 / pivot-atlas
  ☆96Updated last month
• brayden031 / varalyze
  Cyber threat intelligence tool suite.
  ☆42Updated 6 months ago
• elastic / SWAT
  ☆163Updated this week
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆95Updated last week