DidierStevensSuite
TheHive
| | DidierStevensSuite | TheHive |
|---|---|---|
| Mentions | 2 | 13 |
| Stars | 1,216 | 2,459 |
| Growth | - | 2.5% |
| Activity | 6.3 | 8.9 |
| Latest commit | 7 days ago | 6 days ago |
| Language | Python | Scala |
| License | - | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
DidierStevensSuite
-
Extracting attachments from saved emails (.eml)
You can install emldump and programmatically extract all attachments
-
What's in your toolkit?
Didier Stevens Suite - He has a tool for everything.
TheHive
-
What are good ways to organize notes during an incident? CISObox?
Take a look at TheHive! It's free, as long as you can spend some cycles hosting, maintaining, and updating it. I was able to stand up a basic instance within an hour or so, plus they have a really useful demo VM prebuilt that lets you literally import a demo instance to play around with.
-
We are a security team with 20+ years of ethical hacking, and we've defended over 2 million attacks with Blumira. Ask Us Anything.
https://thehive-project.org/ - of course :)
-
Ran across this in a hacking penetration group. Thought it was pretty interesting. A little too much so and a little too ironic to not mean something.
-
SOC people, what are your goto websites for checking domain/IP reputation?
IntelOwl TheHive
-
Top 20 Open-source tools for every Blue Teamer
Its official website: https://thehive-project.org
-
I want to buy a SIEM, but I don't know which one
I also recommend checking out TheHive Project and Cortex. I used these in my SOC days and was super impressed with features, like linking incidents automatically based on reported IOCs. TheHive runs on elasticsearch under the hood, too.
-
What's in your toolkit?
We used to use TheHive and really liked it. The IoC tracking and case linking was very nice. And the Cortex integrations were awesome. And then manglement dictated a single ticket system to rule them all. Since they didn't bother to purchase the IR module, we're stuck with a subpar system which I'll leave nameless.
-
Need evidence management software recommendation
Depending on what you need TheHive might be a sufficient open source solution: https://github.com/TheHive-Project/TheHive
-
Are there any free / open source Evidence Management Systems?
-
Looking for a solution for conducting investigations - organizing evidence, identifying patterns in log files, etc. Like digital forensics/intelligence gathering maybe? More details inside.
Maybe TheHive?
What are some alternatives?
Aurora-Incident-Response - Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Wazuh - Wazuh - The Open Source Security Platform
dislocker - FUSE driver to read/write Windows' BitLocker-ed volumes under Linux / Mac OSX
Kuiper - Digital Forensics Investigation Platform
velociraptor - Digging Deeper....
CortexDocs - Documentation of Cortex
dfirtrack - DFIRTrack - The Incident Response Tracking Application
dfir-orc - Forensics artefact collection tool for systems running Microsoft Windows
CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
grr - GRR Rapid Response: remote live forensics for incident response
scala-pet-store - An implementation of the java pet store using FP techniques in scala