ExtraHop / threat-intelligence-toolkit
Utility to automate generating and uploading STIX files to ExtraHop appliances via the REST API.
☆8, updated 9 months ago
Alternatives and similar repositories for threat-intelligence-toolkit:
Users that are interested in threat-intelligence-toolkit are comparing it to the libraries listed below
- ExtraHop public code examples (☆34, updated 5 months ago)
- OCA-wide documentation shared by all sub-projects and repositories (☆33, updated 5 months ago)
- Falcon Integration Gateway (FIG) (☆18, updated this week)
- Security Alert Decoration (☆27, updated this week)
- Automated process to build and distribute Posture & Exposure Reports bi-weekly to customers. (☆17, updated last year)
- Decision trees generated via Graphviz to inform pragmatic threat modelling. (☆11, updated 4 years ago)
- Create machine images containing the Nessus vulnerability scanner (☆13, updated 2 weeks ago)
- Cloud deployment size calculation utilities (☆18, updated last month)
- Mapping Corelight or Zeek data to Elastic Common Schema fields (☆34, updated this week)
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… (☆46, updated this week)
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me… (☆14, updated last year)
- Helm charts for running open source digital forensic tools in Kubernetes (☆91, updated this week)
- This project can be used to create AMIs based on Kali Linux, a penetration testing distribution. (☆21, updated 2 weeks ago)
- Virtual machines that are set up with a variety of known vulnerabilities. (☆14, updated 3 years ago)
- (☆45, updated 10 months ago)
- Python samples and utilities for Chronicle APIs (☆81, updated last month)
- Workflows for Shuffle (☆21, updated 2 years ago)
- Falcon Data Replicator (☆31, updated 2 weeks ago)
- Cloud security tutorials and best practices (☆38, updated 2 years ago)
- Cloud Analytics helps defenders detect attacks on their cloud infrastructure by developing behavioral analytics for cloud platforms as we… (☆53, updated 2 years ago)
- Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK (☆38, updated this week)
- AWS infrastructure for Cyber Hygiene and BOD 18-01 scanning (☆21, updated 2 weeks ago)
- Pep up your Windows Event Collector (WEC) for Windows Event Forwarding (WEF) (☆19, updated 3 years ago)
- eMASSer is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise… (☆41, updated this week)
- The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Ze… (☆31, updated 10 months ago)
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. (☆27, updated last year)
- (☆33, updated 2 years ago)
- Global Security Database Tools (☆42, updated last year)
- Search a filesystem for indicators of compromise (IoC). (☆71, updated 2 months ago)
- Build Automated Machine Images for MISP (☆28, updated last year)