4sConsult / box4securityLinks
Open-source powered SIEM, Vulnerability Scanning, Host- & Network-IDS. Built upon Elastic Stack, OpenVAS, Suricata. Wrapped in a Python Flask web app.
☆15Updated 3 years ago
Alternatives and similar repositories for box4security
Users that are interested in box4security are comparing it to the libraries listed below
Sorting:
- Wazuh integration TheHive☆39Updated 2 years ago
- ☆39Updated 2 years ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service☆30Updated last year
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆30Updated last week
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc…☆27Updated 3 years ago
- ☆19Updated 3 years ago
- Run Velociraptor on Security Onion☆40Updated 3 years ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆100Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆49Updated last year
- OpenAEV Docker deployment helpers☆23Updated this week
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆35Updated 3 years ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆49Updated last month
- ☆53Updated 3 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆70Updated 4 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆126Updated 2 years ago
- A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis☆23Updated 8 months ago
- Collection of Dashboards for Threat Hunting and more!☆70Updated 4 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆112Updated 3 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆95Updated 3 years ago
- Cybersecurity Incident Response Plan☆105Updated 5 years ago
- CrowdStrike Falcon Queries For Advanced Threat Detection☆26Updated 7 months ago
- 🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)☆98Updated 3 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆74Updated 3 weeks ago
- ☆19Updated 2 years ago
- Docker container for the gophish phishing framework.☆52Updated this week
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆63Updated 2 years ago
- Dictionary of CTI-related acronyms, terms, and jargon☆144Updated last year
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆131Updated last year
- Import CrowdStrike Threat Intelligence into your instance of MISP☆48Updated 4 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆58Updated 3 years ago