ExtraHop / code-examples

Related projects: ⓘ

• Security-Onion-Solutions / securityonion-docs
  ☆84Updated last week
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 3 years ago
• sans-blue-team / sec530-wiki
  ☆51Updated 3 years ago
• cisagov / ioc-scanner
  Search a filesystem for indicators of compromise (IoC).
  ☆66Updated 3 weeks ago
• CrowdStrike / FDR
  Falcon Data Replicator
  ☆29Updated 5 months ago
• cisagov / cool-system
  ☆65Updated this week
• CiscoSecurity / fp-05-firepower-cef-connector-arcsight
  Cisco eStreamer client
  ☆25Updated 2 years ago
• The-Shadowserver-Foundation / api_utils
  Sample programs to access the API
  ☆57Updated 2 months ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated last year
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆73Updated 4 years ago
• CrowdStrike / Cloud-Azure
  Discover for Cloud and Containers Azure
  ☆27Updated 2 months ago
• PaloAltoNetworks / minemeld-docker
  Official Palo Alto Networks MineMeld docker
  ☆16Updated 4 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆122Updated 3 weeks ago
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆46Updated last week
• CiscoSE / SnortBlocklistImporter
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11Updated last year
• rapid7 / insightconnect-plugins
  Plugin source code for the InsightConnect SOAR product, developer documentation at https://docs.rapid7.com/insightconnect/getting-started
  ☆66Updated this week
• splunk / attack_range_cloud
  Attack Range to test detection against nativel serverless cloud services and environments
  ☆35Updated 3 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆18Updated 7 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆40Updated 4 months ago
• LogRhythm-Tools / LogRhythm.Tools
  LogRhythm PowerShell Toolkit
  ☆48Updated 11 months ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆19Updated 2 years ago
• center-for-threat-informed-defense / public-resources
  Collection of resources related to the Center for Threat-Informed Defense
  ☆77Updated 3 months ago
• PaloAltoNetworks / Splunk-Apps
  Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec…
  ☆103Updated 2 months ago
• carbonblack / carbon-black-cloud-sdk-python
  VMware Carbon Black Cloud Python SDK
  ☆40Updated last week
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆108Updated 3 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆66Updated last year
• ThreatConnect-Inc / threatconnect-playbooks
  Community driven repository of Playbooks and Apps for ThreatConnect.
  ☆68Updated last month
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• CiscoSecurity / amp-01-basics
  Scripts that cover the basics of interacting with the AMP for Endpoints API
  ☆17Updated 5 years ago
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆35Updated last year
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆34Updated 2 years ago