This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
☆35Jul 8, 2019Updated 6 years ago
Alternatives and similar repositories for Opensource-Endpoint-Monitoring
Users that are interested in Opensource-Endpoint-Monitoring are comparing it to the libraries listed below
Sorting:
- ☆13Apr 8, 2022Updated 3 years ago
- Scripts for TheHive.☆23Nov 15, 2019Updated 6 years ago
- ☆18Jun 8, 2018Updated 7 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- Test Blue Team detections without running any attack.☆271May 2, 2024Updated last year
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- This repository regroups the Yara Rules for the Unprotect Project☆26Nov 19, 2020Updated 5 years ago
- Web interface to IntelMQ☆10Sep 10, 2025Updated 5 months ago
- The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams☆37Jan 21, 2022Updated 4 years ago
- Build Automated Machine Images for MISP☆29Jun 9, 2023Updated 2 years ago
- Validates yara rules and tries to repair the broken ones.☆41Sep 5, 2020Updated 5 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 7 years ago
- Sysmon Tools for PowerShell☆12Aug 17, 2018Updated 7 years ago
- How can you track the hunting techniques you come up with?☆13Sep 3, 2017Updated 8 years ago
- Python CLI covering the FileScan.IO API - enabling automatic interaction with www.filescan.io or private instances☆16Jul 15, 2025Updated 7 months ago
- Bro/Zeek integration with osquery☆93Nov 2, 2020Updated 5 years ago
- CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)☆12Apr 18, 2018Updated 7 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Apr 17, 2016Updated 9 years ago
- Simple Distributed IOC Scanner☆12Jul 27, 2015Updated 10 years ago
- A framework that correlates Bro events☆18Oct 25, 2013Updated 12 years ago
- ☆23May 19, 2019Updated 6 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆120Apr 14, 2021Updated 4 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 8 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Jun 11, 2020Updated 5 years ago
- Malice Office/OLE/RTF Plugin☆13Aug 29, 2018Updated 7 years ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆14Sep 13, 2016Updated 9 years ago
- This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes☆21Mar 11, 2021Updated 4 years ago
- ☆16May 20, 2022Updated 3 years ago
- Binarly SDK v1☆14Dec 18, 2016Updated 9 years ago
- An open source framework for enterprise level automated analysis.☆394Jun 27, 2022Updated 3 years ago
- Searches for Insider Threat Hunting☆29May 2, 2019Updated 6 years ago
- Command-line Interface for Binar.ly☆39Jan 13, 2017Updated 9 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Aug 30, 2022Updated 3 years ago
- Integration between MISP platform and McAfee MVISION EDR☆14Mar 14, 2022Updated 3 years ago
- A powerful Burp extension to make bounty rain☆14Feb 1, 2022Updated 4 years ago
- The DearBytes remote integrity tool is an IDS (Intrusion Detection System) that keeps track of files on a remote server and logs an event…☆12Apr 18, 2019Updated 6 years ago