Alternatives and similar repositories for sandfly-setup

Users that are interested in sandfly-setup are comparing it to the libraries listed below

• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆80Updated 5 years ago
• mytechnotalent / Zeek-Network-Security-Monitor
  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…
  ☆62Updated 2 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 4 years ago
• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆49Updated 2 years ago
• Information-Warfare-Center / CSI-SIEM
  CSI SIEM
  ☆110Updated 2 years ago
• adhdproject / awesome-active-defense
  an awesome list of active defense resources
  ☆123Updated 5 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆25Updated last month
• silverfort-open-source / latma
  ☆80Updated 2 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆35Updated 3 years ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆110Updated 2 years ago
• qeeqbox / seahorse
  ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)
  ☆46Updated 4 years ago
• qeeqbox / mitre-visualizer
  🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)
  ☆94Updated 3 years ago
• simeononsecurity / Blue-Team-Tools
  A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-…
  ☆99Updated last year
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆39Updated 3 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆47Updated 2 years ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 5 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆65Updated last year
• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆35Updated 6 months ago
• catalyst256 / CyberNomadResources
  Accompanying documentation, images, source code and other stuff from the cybernomad.online blog
  ☆28Updated 4 years ago
• MISP / misp-training-lea
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆33Updated last year
• malpedia / malpediaclient
  ☆25Updated last week
• kanecain1981 / SANS_Index_Helper_Tool
  Python command line tool used for generating GIAC Certification indexes.
  ☆26Updated 2 years ago
• Security-Onion-Solutions / securityonion-soc
  ☆55Updated this week
• dhoelzer / Silky
  Web interface for monitoring and interacting with Netflow data stored in Silk repositories.
  ☆13Updated 6 years ago
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆53Updated 3 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 4 years ago
• StevenD33 / Lab-DFIR-SOC
  ☆68Updated 4 years ago
• cmdshiftd / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆31Updated 6 months ago
• dhoelzer / DAD
  Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.
  ☆23Updated 8 years ago