Alternatives and similar repositories for SOCFortress-Threat-Intel:

Users that are interested in SOCFortress-Threat-Intel are comparing it to the libraries listed below

• juaromu / wazuh-opencti
  ☆33Updated last year
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• crow1011 / wazuh2thehive
  Wazuh integration TheHive
  ☆35Updated 2 years ago
• dariommr / scripts
  Personal scripts
  ☆13Updated 6 months ago
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆85Updated last year
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆107Updated 2 years ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆65Updated 9 months ago
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆39Updated 2 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆71Updated last year
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆122Updated 8 months ago
• OpenSecureCo / Wazuh
  ☆31Updated 3 years ago
• juaromu / wazuh-misp
  ☆15Updated 2 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆64Updated 11 months ago
• weslambert / velociraptor-docker
  Docker image for Velocidex Velociraptor
  ☆122Updated 2 weeks ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆89Updated 4 years ago
• juaromu / wazuh
  ☆19Updated 3 years ago
• branchnetconsulting / wazuh-tools
  Useful scripts for those administering Wazuh
  ☆80Updated 2 months ago
• MISP / misp-playbooks
  MISP Playbooks
  ☆188Updated last month
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆63Updated 3 months ago
• utilsec / QuickStart-Guides
  ☆43Updated last year
• PAST2212 / domainthreat
  Newly registered Domain Monitoring to detect phishing and brand impersonation with subdomain enumeration and source code scraping
  ☆48Updated last month
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆44Updated last week
• Mikoyan-Dee / CrowdStrike-Queries
  CrowdStrike Falcon Queries For Advanced Threat Detection
  ☆16Updated 2 weeks ago
• Xboarder56 / QRCE-Rules
  These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.
  ☆54Updated 5 years ago
• korniko98 / pivot-atlas
  ☆87Updated last month
• elysiumsecurityltd / IRM
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆23Updated 3 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 3 months ago
• archanchoudhury / Detection-Rule-Dump
  This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.
  ☆38Updated 3 years ago
• AttackIQ / DetectIQ
  ☆101Updated this week