Alternatives and similar repositories for art:

Users that are interested in art are comparing it to the libraries listed below

• TKCERT / sysmon-config
  Sysmon configuration file template with default high-quality event tracing
  ☆17Updated 3 years ago
• mzbat / mirr
  Repo for MIRR Workshop Heroku app
  ☆51Updated 4 years ago
• et0x / Incident-Response
  ☆36Updated 8 years ago
• JamesHabben / sysmon-queries
  Queries to parse sysmon event log file with microsoft logparser
  ☆56Updated 10 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆51Updated 4 years ago
• oneoffdallas / check_ioc
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆77Updated 7 years ago
• yolothreat / utilitybelt
  A Python library for being a CND Batman....
  ☆35Updated 9 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 5 years ago
• ctxis / cbrcli
  Command line interface to Carbon Black Response
  ☆38Updated 4 years ago
• da667 / Autosuricata
  first commit
  ☆20Updated last year
• z3ndrag0n / forensicator-fate
  Bringing DevOps to Forensics
  ☆34Updated 10 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆37Updated 5 months ago
• andrewbeard / broworkshop
  Materials for the BSides NoVA/Charleston 2018 Bro Workshop
  ☆14Updated 3 weeks ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆22Updated 7 years ago
• chrissanders / idh
  Intrusion Detection Honeypots Book Code
  ☆25Updated 4 years ago
• imander / DarkObserver
  Windows PowerShell domain scanning tool
  ☆54Updated 8 years ago
• MattCarothers / uhp
  Universal Honey Pot
  ☆29Updated 2 years ago
• BechtelCIRT / beholder
  Beholder is a shell script which installs and configures essentials to peer into your network activity.
  ☆19Updated 7 years ago
• hashtagcyber / bropy
  Basic Anomaly IDS capabilities with Python and Bro
  ☆105Updated 7 years ago
• sroberts / hubot-vtr-scripts
  Scripts for making Hubot a CND Sidekick
  ☆59Updated 8 years ago
• leesoh / yams
  A collection of Ansible roles for automating infosec builds.
  ☆92Updated 7 years ago
• COVID-19-CTI-LEAGUE / PUBLIC_RELEASE
  Files vetted, and approved for public release
  ☆53Updated last year
• exp0se / harbinger
  Harbinger Threat Intelligence
  ☆82Updated 9 years ago
• CIRCL / PyCIRCLean
  Python library used by CIRCLean (the USB sanitizer) and others
  ☆54Updated last year
• opendns / pyinvestigate
  Python module to interface with the OpenDNS Investigate API
  ☆63Updated 3 years ago
• glassdfir / SysmonMapper
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆24Updated 9 years ago
• opensourcesec / cblrconsole
  Carbonblack Live Response from the comfort of your own terminal
  ☆20Updated 9 years ago
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 3 years ago
• mfkhan237 / remote-install-cbsensor
  Remotely Install the Carbon Black Sensor in Bulk, using PowerShell and PSEXEC, silently, on multiple machines.
  ☆23Updated 4 years ago
• ThreatResponse / threatresponse_web
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Updated 8 years ago