☆34Apr 29, 2021Updated 4 years ago
Alternatives and similar repositories for elastic_stack
Users that are interested in elastic_stack are comparing it to the libraries listed below
Sorting:
- Contains Logstash related content including tons of Logstash configurations☆254Aug 25, 2021Updated 4 years ago
- ☆134Mar 21, 2024Updated last year
- Using osquery for Mass Incident Detection & Response☆19Jun 25, 2016Updated 9 years ago
- ☆50Aug 30, 2020Updated 5 years ago
- This is a repository for freq.py and freq_server.py☆215Feb 1, 2026Updated 3 weeks ago
- Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!☆25Jun 19, 2017Updated 8 years ago
- Popping boxes with Nmap☆18Apr 16, 2012Updated 13 years ago
- ☆10Nov 21, 2023Updated 2 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Oct 13, 2020Updated 5 years ago
- Reflex SOAR☆12Apr 1, 2022Updated 3 years ago
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- Honeybadger Red Edition☆13Sep 13, 2017Updated 8 years ago
- Scripts for Looking up OUIs or Vendor information from MAC addresses☆11Dec 24, 2023Updated 2 years ago
- ☆77Jun 25, 2019Updated 6 years ago
- pocket guide for core detection engineering concepts☆31May 8, 2023Updated 2 years ago
- A tool for studying JavaScript malware.☆15Updated this week
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆17Sep 30, 2016Updated 9 years ago
- Logstash Input Plugin for Cloudflare logs☆14Dec 31, 2019Updated 6 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Sep 8, 2021Updated 4 years ago
- Philly Security Shell meetup demo and related files☆32Apr 15, 2019Updated 6 years ago
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆34Feb 20, 2018Updated 8 years ago
- OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker☆14Feb 11, 2024Updated 2 years ago
- Resource links (video, slides & code) for my conference talks | presentations | workshops☆21Nov 17, 2025Updated 3 months ago
- Repository of resources for configuring a Red Team SIEM using Elastic☆101Jul 10, 2018Updated 7 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆208Jul 21, 2022Updated 3 years ago
- Gather domains as a precursor to scanning☆21Feb 18, 2026Updated last week
- A web front-end for password cracking and analytics☆16Jan 6, 2019Updated 7 years ago
- Splunk Technology Add-On (TA) for collecting ETW events from Windows systems☆17Dec 8, 2022Updated 3 years ago
- Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020☆323Jan 22, 2021Updated 5 years ago
- An extensible honeypot framework☆95Jul 15, 2022Updated 3 years ago
- PowerShell Memory Pulling script☆19Mar 24, 2015Updated 10 years ago
- ☆39Dec 10, 2020Updated 5 years ago
- ☆227Nov 9, 2023Updated 2 years ago
- RustHunter is a modular incident response framework based on Rust and Ansible to build and compare environmental baselines.☆18Nov 12, 2025Updated 3 months ago
- ☆49Apr 22, 2013Updated 12 years ago
- Manufacturer Usage Description (MUD) is a technique whereby constrained end devices (e.g., IoT devices) can signal to the network what so…☆25Jul 5, 2021Updated 4 years ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆298Feb 9, 2026Updated 2 weeks ago