Alternatives and similar repositories for sandfly-setup

Users that are interested in sandfly-setup are comparing it to the libraries listed below

• Security-Onion-Solutions / securityonion-soc
  ☆53Updated last week
• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆49Updated 2 years ago
• malpedia / malpediaclient
  ☆22Updated last month
• mytechnotalent / Zeek-Network-Security-Monitor
  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…
  ☆63Updated 2 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆46Updated 2 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated last year
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆79Updated 5 years ago
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆65Updated last year
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• davidonzo / apiosintDS
  On demand query API for https://github.com/davidonzo/Threat-Intel project.
  ☆55Updated 11 months ago
• weslambert / securityonion-misp
  ☆35Updated 4 years ago
• MISP / misp-training-lea
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆32Updated last year
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 3 years ago
• clausing / scripts
  ☆65Updated 2 months ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆25Updated this week
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆41Updated last year
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆53Updated 3 years ago
• silverfort-open-source / latma
  ☆80Updated 2 years ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆57Updated 2 years ago
• StevenD33 / Lab-DFIR-SOC
  ☆65Updated 4 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 3 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆130Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 10 months ago
• capesstack / capes-docker
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆14Updated 3 years ago
• NextronSystems / nextron-helper-scripts
  Public tools, scripts or code snippets that can help when working with our products
  ☆46Updated 2 weeks ago
• arpitn30 / nipper-ng
  Automatically exported from code.google.com/p/nipper-ng
  ☆70Updated 2 years ago
• corelight / threat-hunting-guide
  ☆51Updated 3 years ago