Alternatives and similar repositories for wazuh-mcp-server

Users that are interested in wazuh-mcp-server are comparing it to the libraries listed below

• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆176Updated 8 months ago
• PAST2212 / domainthreat
  Newly registered Domain Monitoring to detect phishing and brand impersonation with subdomain enumeration and source code scraping
  ☆54Updated 2 months ago
• AttackIQ / DetectIQ
  ☆116Updated 3 months ago
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆196Updated last year
• vectra-ai-research / Halberd
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆309Updated 2 weeks ago
• ekky19 / osint
  Have you ever wanted to search a link or IP address on multiple OSINT pages at once?
  ☆57Updated 2 months ago
• tguard-soc-package / nusantara
  ☆217Updated last year
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆128Updated last year
• arsolutioner / ExtensionHound
  A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…
  ☆178Updated 7 months ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆51Updated 8 months ago
• hackertarget / pcap-did-what
  Analyze pcaps with Zeek and a Grafana Dashboard
  ☆182Updated last year
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆123Updated 2 years ago
• splunk / DECEIVE
  DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!
  ☆260Updated 3 months ago
• lawndoc / Respotter
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆197Updated last month
• CyberCX-STA / PurpleOps
  An open-source self-hosted purple team management web application.
  ☆287Updated 3 weeks ago
• ozanunal0 / viper
  🛡️ VIPER: Stay ahead of threats with AI-driven vulnerability intelligence. Prioritize CVEs effectively using NVD, EPSS, CISA KEV, and Go…
  ☆77Updated last month
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated 9 months ago
• LetsDefend / incident-response-playbooks
  ☆185Updated last year
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆124Updated 5 months ago
• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆29Updated 11 months ago
• saidhfm / Cloud-Threat-Detection-Lab-AWS
  ☆35Updated 10 months ago
• gbrigandi / mcp-server-wazuh
  MCP Server for Wazuh SIEM
  ☆110Updated 2 months ago
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆78Updated 2 weeks ago
• MeltingBot / fake_ransomware_group
  Interactive simulation of a fictional ransomware group's dashboard
  ☆12Updated 11 months ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆78Updated 4 months ago
• Mickinthemiddle / CLOAK
  Knowledge base on cybercriminal concealment techniques
  ☆76Updated 4 months ago
• crow1011 / wazuh2thehive
  Wazuh integration TheHive
  ☆39Updated 2 years ago
• Galeax / CVE2CAPEC
  Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated d…
  ☆228Updated this week
• CERT-Polska / mailgoose
  A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly.
  ☆145Updated this week
• 0xBallpoint / trapster-community
  Modern honeypot supporting multiple services, realistic website cloning, and AI-powered features
  ☆140Updated this week