Alternatives and similar repositories for SOCFortress-Threat-Intel

Users that are interested in SOCFortress-Threat-Intel are comparing it to the libraries listed below

• juaromu / wazuh-opencti
  ☆34Updated last year
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆67Updated last month
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆66Updated 11 months ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆64Updated last year
• juaromu / wazuh
  ☆19Updated 3 years ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆109Updated 2 years ago
• kraven-security / python-threat-hunting-tools
  This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools which…
  ☆13Updated last year
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated last year
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• MHaggis / ClickGrab
  Finding ClickFix and FakeCAPTCHA like it's 1999
  ☆36Updated this week
• weslambert / velociraptor-docker
  Docker image for Velocidex Velociraptor
  ☆126Updated 2 months ago
• MISP / misp-playbooks
  MISP Playbooks
  ☆200Updated 3 months ago
• dariommr / scripts
  Personal scripts
  ☆14Updated 8 months ago
• OpenSecureCo / Wazuh
  ☆31Updated 3 years ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆156Updated last month
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆42Updated 2 years ago
• activecm / threat-tools
  Tools for simulating threats
  ☆183Updated last year
• cisagov / ACID
  ☆69Updated last month
• AttackIQ / DetectIQ
  ☆103Updated this week
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆87Updated last year
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆88Updated 6 months ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆65Updated 3 years ago
• st0pp3r / awesome-detection-engineer
  Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…
  ☆93Updated 2 weeks ago
• msraju / Incident-Response-Playbooks
  ☆43Updated 2 years ago
• MISP / misp-docker
  A production ready Dockered MISP
  ☆233Updated this week
• strandjs / ClassLabs
  ☆59Updated 4 years ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆63Updated last year
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆127Updated 9 months ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆91Updated 4 years ago