Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
☆19, May 11, 2021, updated 4 years ago
Alternatives and similar repositories for TI_Mod
Users that are interested in TI_Mod are comparing it to the libraries listed below
- Parse Wazuh (HIDS) alerts into ECS mapping using Filebeat (☆27, Jul 21, 2020, updated 5 years ago)
- Ansible playbook for installing MineMeld on Linux (☆47, Mar 18, 2021, updated 4 years ago)
- YETI (Your Everyday Threat Intelligence) integration to Elastic Stack (☆16, Jan 6, 2021, updated 5 years ago)
- Ripple20 critical vulnerabilities: detection logic and signatures (☆12, May 28, 2021, updated 4 years ago)
- A solution for using the ElastiFlow Unified Collector with the Elastic Stack (Elasticsearch and Kibana) (☆25, Nov 10, 2025, updated 3 months ago)
- ☆13, Feb 25, 2021, updated 5 years ago
- Parse Suricata rules (☆14, Aug 1, 2023, updated 2 years ago)
- ☆12, Apr 23, 2020, updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex (☆13, Jan 29, 2020, updated 6 years ago)
- ☆12, Jan 28, 2020, updated 6 years ago
- A simple way of detecting multithreaded exfiltration in Zeek (☆15, May 1, 2025, updated 10 months ago)
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack (☆33, Jun 29, 2022, updated 3 years ago)
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset (☆38, Jun 8, 2020, updated 5 years ago)
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project (☆35, Jul 8, 2019, updated 6 years ago)
- Add POST body excerpt to Bro's HTTP log (☆14, Dec 10, 2025, updated 2 months ago)
- Plugin for Kibana version 4.x and 5.x (☆13, Sep 25, 2017, updated 8 years ago)
- Zeek training materials/products (☆41, Feb 2, 2026, updated last month)
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (☆39, Aug 18, 2022, updated 3 years ago)
- Tachikoma is a security alerting framework for human beings (☆22, Sep 7, 2018, updated 7 years ago)
- PANW Firewall Visualisations using Elastic Stack (☆91, Mar 5, 2023, updated 2 years ago)
- Converts Netwitness log parser configuration to Logstash configuration (☆20, Sep 10, 2020, updated 5 years ago)
- Vulnerability Assessment Module: OpenVAS with Elastic Stack using VulnWhisperer (☆19, Jun 11, 2019, updated 6 years ago)
- A script to create and assign SOP tasks into the cases (☆20, Aug 16, 2020, updated 5 years ago)
- Suricata Lua scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260 (☆19, Nov 28, 2019, updated 6 years ago)
- Example configuration files for Logstash (☆44, Oct 30, 2019, updated 6 years ago)
- This repository contains a few examples of actions that can be added to rules within Elastic Security (☆24, Feb 6, 2025, updated last year)
- A few quick recipes for those that do not have much time during the day (☆22, Oct 28, 2024, updated last year)
- Web-based sensor management suite (☆20, Mar 2, 2023, updated 3 years ago)
- A workflow for data scientists to bring Jupyter Notebook visualizations to Kibana dashboards (☆45, Jan 18, 2023, updated 3 years ago)
- Zeek package for tracking long connections to report them before they have completed (☆31, Nov 25, 2025, updated 3 months ago)
- Repository for SPEED SIEM Use Case Framework (☆60, May 2, 2020, updated 5 years ago)
- Scripts for Bro IDS and ELK Stack (☆57, Sep 2, 2015, updated 10 years ago)
- Quickly generate Suricata rules for IOCs (☆28, Apr 30, 2021, updated 4 years ago)
- A cyber threat intelligence server based on TAXII 2 and written in Golang (☆32, Sep 19, 2019, updated 6 years ago)
- Meer is a "spooler" for Suricata / Sagan (☆30, Jun 21, 2023, updated 2 years ago)
- ☆33, updated this week
- Ansible playbook automation for pfelk (☆23, Jan 11, 2022, updated 4 years ago)
- Zeek package to create JSON formatted logs to stream into data analysis systems (☆30, Dec 3, 2025, updated 3 months ago)
- A Spicy protocol analyzer for WireGuard (☆29, Aug 11, 2020, updated 5 years ago)