Alternatives and similar repositories for sf-apis

Users that are interested in sf-apis are comparing it to the libraries listed below

• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆104Updated 3 years ago
• beave / sagan-rules
  Rule sets for Sagan
  ☆104Updated 4 years ago
• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆81Updated 2 months ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 3 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 3 years ago
• csirtgadgets / bearded-avenger-deploymentkit
  CIFv3 DeploymentKit
  ☆64Updated 5 years ago
• sysflow-telemetry / sysflow
  SysFlow documentation and issues tracker
  ☆46Updated 8 months ago
• DCSO / MISP-dockerized
  ☆33Updated 5 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• baronpan / SysmonHunter
  An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
  ☆202Updated 3 years ago
• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆16Updated 4 months ago
• zeek / zeekctl
  Tool for managing Zeek deployments.
  ☆56Updated last month
• oasis-open / cti-stix-common-objects
  OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…
  ☆93Updated this week
• michaelhidalgo / attack-to-elk
  This program exports MITRE ATT&CK framework in ELK dashboard
  ☆79Updated 2 years ago
• OTRF / detection-hackathon-apt29
  Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
  ☆137Updated 4 years ago
• joshbressers / cve-analysis
  Tools for conducting analysis of CVE data in Elasticsearch
  ☆74Updated 2 weeks ago
• zeek / zeek-af_packet-plugin
  Plugin providing native AF_Packet support for Zeek.
  ☆34Updated last year
• endgameinc / eqllib
  ☆164Updated 4 years ago
• stratosphereips / zeek_anomaly_detector
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆80Updated 9 months ago
• LiamRandall / bro-scripts
  Bro scripts to be shared with the community
  ☆109Updated 12 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• hosom / file-extraction
  Extract files from network traffic with Zeek.
  ☆101Updated 5 years ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆92Updated 6 years ago
• Javierop20 / joy2ja3
  Python tool for converting from joy format to JA3 format SSL/TLS hashes
  ☆11Updated 5 years ago
• 401trg / detections
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆122Updated 4 years ago
• ozuriexv / SublimeSuricata
  ☆35Updated last year
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆31Updated 11 months ago