Alternatives and similar repositories for true-positive

Users that are interested in true-positive are comparing it to the libraries listed below

• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• veeral-patel / incidents
  Please use https://github.com/veeral-patel/true-positive instead
  ☆67Updated 2 years ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆44Updated 4 years ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆65Updated 3 years ago
• juaromu / wazuh-domain-stats-alienvault
  ☆16Updated 3 years ago
• swiftbird07 / IRIS-SOAR
  🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …
  ☆10Updated last year
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆88Updated last month
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆19Updated last year
• TheHive-Project / Synapse
  Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
  ☆71Updated last year
• HASecuritySolutions / Sysmon-Manager
  This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler
  ☆12Updated 3 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 4 years ago
• blookot / rsa2elk
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Updated 4 years ago
• juaromu / wazuh-misp
  ☆17Updated 2 years ago
• gerwout / pacs
  Pritunl Access Control System
  ☆10Updated 2 years ago
• 3c7 / common-osint-model
  Converting data from services like Censys and Shodan to a common data model
  ☆49Updated 8 months ago
• counteractive / incident-response-collector
  ☆16Updated 4 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• aacgood / Cortex-Analyzers
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Updated 5 years ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 4 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆21Updated 3 years ago
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 6 months ago
• Shuffle / shuffle-docs
  Documentation used for Shuffle
  ☆19Updated this week
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆20Updated 5 years ago
• OwlH-net / OwlH-UI
  OwlH Master API Web User Interface
  ☆12Updated last year
• Security-Onion-Solutions / securityonion-image
  ☆48Updated this week
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆41Updated last year
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• eric-ooi / elastic-m365
  Custom Kibana dashboards to secure and monitor Microsoft 365.
  ☆13Updated last year