Alternatives and similar repositories for 1-2-3-Cyber

Users that are interested in 1-2-3-Cyber are comparing it to the libraries listed below

• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Updated 3 years ago
• Zythom / french-wikipedia-word-list
  ☆25Updated 3 years ago
• stanfrbd / searchcve
  Command line tool to get CVE useful info from any web report using the NVD database (NIST). Time saver for analysts.
  ☆41Updated 8 months ago
• robo-red-team / Training-Platform
  Robo-Red-Team: Training platform for blue team cybersecurity professionals
  ☆51Updated 4 years ago
• visma-prodsec / columbo
  Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.
  ☆62Updated 3 years ago
• chrissanders / idh
  Intrusion Detection Honeypots Book Code
  ☆26Updated 5 years ago
• krakow2600 / atomic-threat-coverage
  The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
  ☆25Updated 6 years ago
• lacework-dev / whalehoney_PUBLIC
  Public release of Whalehoney Honeypot
  ☆29Updated 3 years ago
• Neo23x0 / Cyber-Search-Shortcuts
  Browser Shortcuts for Cyber Security Related Online Services
  ☆78Updated 4 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆38Updated 3 years ago
• enisaeu / Reference-Security-Incident-Taxonomy-Task-Force
  This repository hosts files relating to the TF-CSIRT Reference Security Incident Taxonomy Working Group.
  ☆70Updated 6 months ago
• swimlane / CLAW
  A packer utility to create and capture DFIR Image for use AWS & Azure
  ☆15Updated 6 years ago
• palantir / phishcatch
  A browser extension and API server for detecting corporate password use on external websites
  ☆94Updated last month
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Updated 5 years ago
• nccgroup / KilledProcessCanary
  A canary designed to minimize the impact from certain Ransomware actors
  ☆100Updated 4 years ago
• JPCERTCC / MemoryForensic-on-Cloud
  Memory Forensic System on Cloud
  ☆91Updated last year
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 7 months ago
• d3sre / IntelligentProcessLifecycle
  The Intelligent Process Lifecycle of Active Cyber Defenders
  ☆33Updated 2 years ago
• ANSSI-FR / ORADAD
  Outil de récupération automatique des données de l'Active Directory / Automated tool for dumping Active Directory data
  ☆271Updated 2 weeks ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• DFIR-ORC / dfir-orc-config
  Configurations for DFIR ORC
  ☆28Updated last year
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 4 years ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated last year
• debernal / talks
  ☆23Updated 5 years ago
• NCSC-NL / citrix-2025
  ☆52Updated last month
• certsocietegenerale / NotifySecurity
  Outlook add-in companion to report suspicious mail easily
  ☆132Updated 3 years ago
• xme / SANS-ISC
  Data related to the SANS Internet Storm Center
  ☆13Updated last month
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆61Updated 4 months ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆132Updated 3 years ago
• SecurityRiskAdvisors / ATTiRe
  Attack Tool Timing and Reporting - Structured Attack Logging Format
  ☆22Updated 2 years ago