Alternatives and similar repositories for StoW

Users that are interested in StoW are comparing it to the libraries listed below

• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆31Updated last year
• dariommr / scripts
  Personal scripts
  ☆15Updated last year
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆112Updated 3 years ago
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated last year
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆73Updated 3 months ago
• cisagov / playbook-ng
  Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…
  ☆152Updated last week
• infobloxopen / threat-intelligence
  ☆101Updated 2 weeks ago
• elastic / detection-rules-explorer
  ☆21Updated this week
• st0pp3r / awesome-detection-engineer
  Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…
  ☆133Updated 2 weeks ago
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆50Updated 7 months ago
• juaromu / wazuh-opencti
  ☆40Updated 2 years ago
• bruneaug / DShield-SIEM
  DShield Sensor Log Collection with ELK
  ☆46Updated this week
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆96Updated last week
• ozanunal0 / viper
  🛡️ VIPER: Stay ahead of threats with AI-driven vulnerability intelligence. Prioritize CVEs effectively using NVD, EPSS, CISA KEV, and Go…
  ☆80Updated 4 months ago
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆190Updated 10 months ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆100Updated last week
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆132Updated 7 months ago
• korniko98 / pivot-atlas
  ☆100Updated this week
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆238Updated last week
• socfortress / wazuh-mcp-server
  Repo to hold wazuh manager mcp server
  ☆68Updated 2 months ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆132Updated last year
• juaromu / wazuh
  ☆20Updated 4 years ago
• arsolutioner / ExtensionHound
  A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…
  ☆184Updated 10 months ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆80Updated 2 months ago
• mgreen27 / mcp-velociraptor
  VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.
  ☆62Updated 3 months ago
• juaromu / wazuh-misp
  ☆20Updated 2 years ago
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆85Updated 5 years ago
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆108Updated last year
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆159Updated 8 months ago
• ekky19 / osint
  Have you ever wanted to search a link or IP address on multiple OSINT pages at once?
  ☆58Updated 5 months ago