Alternatives and similar repositories for true-positive

Users that are interested in true-positive are comparing it to the libraries listed below

• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆91Updated 2 weeks ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆79Updated 3 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 4 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆49Updated last year
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆110Updated 2 weeks ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆24Updated 3 years ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆70Updated 4 years ago
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆40Updated 3 years ago
• monarc-project / MonarcAppFO
  MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
  ☆114Updated this week
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆75Updated 11 months ago
• Truvis / Splunk_TA_Truvis_Suricata5
  This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…
  ☆15Updated 5 years ago
• WillOram / cyber-incident-management
  Notes on managing and coordinating the response to major cyber incidents
  ☆41Updated 5 years ago
• misje / opencti-wazuh-connector
  OpenCTI–Wazuh connector looking for indicators in Wazuh and creating sightings
  ☆22Updated last year
• veeral-patel / incidents
  Please use https://github.com/veeral-patel/true-positive instead
  ☆70Updated 2 years ago
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆72Updated last week
• CanTopay / thehive-playbook-creator
  A script to create and assign SOP tasks into the cases
  ☆20Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Updated 3 years ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆112Updated 3 years ago
• z1pti3 / jimi
  Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …
  ☆167Updated last year
• SophosRapidResponse / OSQuery
  ☆88Updated 8 months ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆27Updated 10 months ago
• TheHive-Project / Docker-Templates
  Docker configurations for TheHive, Cortex and 3rd party tools
  ☆128Updated 2 years ago
• vector-sec / public-sublime-rules
  ☆10Updated 10 months ago
• swiftbird07 / IRIS-SOAR
  🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …
  ☆11Updated last year
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 4 years ago
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆91Updated 10 months ago
• newcontext-oss / opencti-terraform
  Terraform scripts for deploying OpenCTI to AWS, Azure, and GCP
  ☆33Updated last year
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆34Updated 3 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆20Updated 3 years ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Updated 5 years ago