Open Source SIEM Stack
☆147Jun 15, 2026Updated this week
Alternatives and similar repositories for OSSIEM
Users that are interested in OSSIEM are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- SOCFortress CoPilot☆497Updated this week
- Open Source SIEM Stack☆30Oct 15, 2024Updated last year
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!☆1,331Mar 11, 2026Updated 3 months ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service☆33Sep 26, 2024Updated last year
- OpenAEV Docker deployment helpers☆30Jun 7, 2026Updated last week
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Ansible playbook to convert Sigma rules to ElastAlert rules☆10Feb 5, 2021Updated 5 years ago
- Repo for experimenting and testing MCP server builds for CTI-related research.☆27May 13, 2025Updated last year
- Parsers and scenarios to allow CrowdSec to ban threat actors caught by NAXSI WAF on a OPNSense firewall deployment.☆19Oct 21, 2022Updated 3 years ago
- ☆31Aug 21, 2024Updated last year
- Collaborative, web-based case management for incident response☆24Jan 23, 2024Updated 2 years ago
- Python client and module for Vulnerability-Lookup.☆16Updated this week
- A command-line tool and module for the free Sublime Analysis API☆16Jun 18, 2024Updated 2 years ago
- 🎮 AI-powered solo mode for Backdoors & Breaches. Train incident response skills anytime with an LLM Incident Master. Arcade-themed fork …☆28Dec 27, 2025Updated 5 months ago
- Files related to my Graylog home lab setup☆25Dec 5, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This contains scripts, tools, and other programs I show case on my youtube channel.☆24Oct 30, 2025Updated 7 months ago
- T-Guard Repository☆18May 2, 2024Updated 2 years ago
- Singul: Connect to your favorite services with a Singul line of code.☆25May 7, 2026Updated last month
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆14Jul 24, 2021Updated 4 years ago
- These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou…☆27Jun 19, 2024Updated last year
- This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC a…☆732Sep 23, 2024Updated last year
- Security Operations Chef☆61Jan 18, 2026Updated 5 months ago
- Repo to hold wazuh manager mcp server☆83Apr 15, 2026Updated 2 months ago
- Autonomous SOC analyst agent for SOCfortress CoPilot — auto-investigates alerts, enriches IOCs, and writes back findings using Claude + l…☆88Jun 3, 2026Updated 2 weeks ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Aug 8, 2020Updated 5 years ago
- One of the few OSINT tools non-USA focused, designed to retrieve and verify data for Mexican citizens in the OSINT investigations context…☆15Mar 12, 2023Updated 3 years ago
- Splunk Technology Add-On (TA) for collecting ETW events from Windows systems☆16Dec 8, 2022Updated 3 years ago
- MISP website (hugo-based)☆25Jun 10, 2026Updated last week
- A Docker lab integrating Splunk SIEM with Ollama LLM via MCP for AI security operations. Features Promptfoo OWASP evaluation, TA-ollama a…☆30Mar 8, 2026Updated 3 months ago
- ☆15Aug 12, 2024Updated last year
- Code Repository for Python for Beginners with Examples, published by Packt☆10Oct 28, 2022Updated 3 years ago
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆210Nov 23, 2025Updated 6 months ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- 🛡️Awesome lists about all kinds of interesting topics of Wazuh XDR/SIEM☆127Apr 27, 2026Updated last month
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.☆2,322Jun 9, 2026Updated last week
- ☆33Mar 24, 2026Updated 2 months ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Jan 3, 2019Updated 7 years ago
- The official Prelude SIEM GitHub of https://www.prelude-siem.org☆43Jun 12, 2016Updated 10 years ago
- List of NSO Pegasus's C2C Servers where will be used to control Pegasus.☆23Nov 2, 2025Updated 7 months ago
- ☆10May 30, 2021Updated 5 years ago