ExtraHop / threat-intelligence-toolkit
Utility to automate generating and uploading STIX files to ExtraHop appliances via the REST API.
☆8Updated last week
Alternatives and similar repositories for threat-intelligence-toolkit
Users that are interested in threat-intelligence-toolkit are comparing it to the libraries listed below
- ExtraHop public code examples☆36Updated 7 months ago
- ☆12Updated 2 months ago
- Security Alert Decoration☆27Updated 2 months ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated this week
- Falcon Integration Gateway (FIG)☆18Updated last month
- Cloud security tutorials and best practices☆38Updated 2 years ago
- Knowledge Report Alert & Normalization Generator☆27Updated last year
- Decision trees generated via Graphviz to inform pragmatic threat modelling.☆11Updated 4 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Updated 4 years ago
- Kestrel Jupyter Notebook Kernel☆9Updated last year
- Workflows for Shuffle☆23Updated 2 years ago
- Landing Page Content/Builder for MITRE Security Automation Framework☆29Updated 2 weeks ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Automated process to build and distribute Posture & Exposure Reports bi-weekly to customers.☆17Updated last year
- OSCAL SSP content for technologies shipped by Red Hat☆15Updated 2 years ago
- Caldera plugin to deploy "humans" to emulate user behavior on systems☆28Updated last year
- Fun tools around the EBS Direct API☆18Updated 4 years ago
- OCA-wide documentation shared by all sub-projects and repositories☆33Updated 7 months ago
- A reimplementation of the EtherApe style display for OS X. Note that this is not a fork of EtherApe. Written in a kinder, gentler, age …☆16Updated 6 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- Firepit - STIX Columnar Storage☆16Updated last year
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 7 months ago
- A Python script to acquire multiple AWS EC2 instances in a forensically sound-ish way☆38Updated 3 years ago
- 🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …☆10Updated last year
- AWS infrastructure for Cyber Hygiene and BOD 18-01 scanning☆22Updated this week
- Attack Range to test detection against native serverless cloud services and environments☆35Updated 3 years ago
- Cloud threat detection visualization from excalidraw☆12Updated 3 years ago
- DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications☆35Updated 3 years ago
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- Pep up your Windows Event Collector (WEC) for Windows Event Forwarding (WEF)☆19Updated 3 years ago