Alternatives and similar repositories for flow:

Users that are interested in flow are comparing it to the libraries listed below

• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆26Updated 3 months ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 10 months ago
• lacework-dev / whalehoney_PUBLIC
  Public release of Whalehoney Honeypot
  ☆29Updated 3 years ago
• jsecurity101 / Automated-Detection-Pipeline
  ☆15Updated 4 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• chrissanders / idh
  Intrusion Detection Honeypots Book Code
  ☆25Updated 4 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated last week
• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 3 years ago
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 4 years ago
• krakow2600 / atomic-threat-coverage
  The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
  ☆24Updated 5 years ago
• d3sre / IntelligentProcessLifecycle
  The Intelligent Process Lifecycle of Active Cyber Defenders
  ☆31Updated 2 years ago
• OllieJC / tbat
  Threat Box Assessment Tool
  ☆19Updated 3 years ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated 5 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆54Updated 8 months ago
• Mostafayahia-hunter / Virustotal-python-API-Domains-IPs-and-URLs-
  ☆21Updated 3 years ago
• mattreduce / cti-self-study
  Track progress and keep notes while working through likethecoins' CTI Self Study Plan
  ☆28Updated 2 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆35Updated 5 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆39Updated 10 months ago
• phainlen / DNS-Hunting
  Use DNS to hunt for threats including DGAs
  ☆15Updated 9 years ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆36Updated last week
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated 2 years ago
• DefensiveOrigins / Training
  Defensive Origins Training Schedule
  ☆38Updated last year
• center-for-threat-informed-defense / public-resources
  Collection of resources related to the Center for Threat-Informed Defense
  ☆77Updated 9 months ago
• sans-blue-team / sec455-wiki
  ☆30Updated 6 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 5 years ago
• ajackal / ir_scripts
  incident response scripts
  ☆19Updated 6 years ago
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆63Updated 2 years ago