Alternatives and similar repositories for rstthreats

Users that are interested in rstthreats are comparing it to the libraries listed below

• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆49Updated 2 years ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 5 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 3 years ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 5 months ago
• ninoseki / ioc-extractor
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆57Updated 3 months ago
• weslambert / securityonion-misp
  ☆35Updated 4 years ago
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆30Updated 2 weeks ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 10 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated last year
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆53Updated 5 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 3 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• ninoseki / uzen
  Website crawler with YARA detection
  ☆88Updated last year
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆41Updated 2 months ago
• krakow2600 / atomic-threat-coverage
  The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
  ☆24Updated 5 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆55Updated 2 months ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆41Updated last year
• ioc-fang / ioc-fanger
  Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
  ☆61Updated last year
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆44Updated 4 years ago
• Mostafayahia-hunter / Virustotal-python-API-Domains-IPs-and-URLs-
  ☆21Updated 3 years ago
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 3 years ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆31Updated last year
• MISP / evtx-toolkit
  Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream
  ☆11Updated 4 years ago