ExtraHop / threat-intelligence-toolkit
Utility to automate generating and uploading STIX files to ExtraHop appliances via the REST API.
☆8 Updated 10 months ago
Alternatives and similar repositories for threat-intelligence-toolkit
Users that are interested in threat-intelligence-toolkit are comparing it to the libraries listed below
- ExtraHop public code examples ☆34 Updated 6 months ago
- Falcon Integration Gateway (FIG) ☆18 Updated last month
- Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers. ☆17 Updated last year
- Cross cloud workload identity research and workshops ☆38 Updated last month
- ☆12 Updated last month
- Kestrel Jupyter Notebook Kernel ☆9 Updated last year
- OCA-wide documentation shared by all sub-projects and repositories ☆33 Updated 7 months ago
- Cloud deployment size calculation utilities ☆20 Updated last week
- eMASSer is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise… ☆41 Updated last month
- Search a filesystem for indicators of compromise (IoC). ☆73 Updated last week
- ☆32 Updated 2 months ago
- Pep up your Windows Event Collector (WEC) for Windows Event Forwarding (WEF) ☆19 Updated 3 years ago
- Landing Page Content/Builder for MITRE Security Automation Framework ☆29 Updated 2 weeks ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆53 Updated 2 years ago
- Create machine images containing the Nessus vulnerability scanner ☆13 Updated last week
- CrowdStrike's Open Source Policy & Contribution Guide ☆40 Updated 2 months ago
- Understand OVAL results in a blink of an eye ☆35 Updated 2 years ago
- Discover for Cloud and Containers Azure ☆29 Updated 4 months ago
- ☆46 Updated last year
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools… ☆150 Updated this week
- Python samples and utilities for Chronicle APIs ☆83 Updated this week
- 🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS … ☆10 Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields ☆34 Updated last month
- Orchestrate gatherer, scanner, saver, and trustymail_reporter ☆18 Updated this week
- A generic skeleton project for quickly getting a new cisagov project started. ☆18 Updated this week
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S… ☆16 Updated 3 years ago
- Web based S1 query navigator for one-click threat hunting ☆19 Updated 4 years ago
- Workflows for Shuffle ☆23 Updated 2 years ago
- Falcon Data Replicator ☆31 Updated last month
- ☆54 Updated this week