Krook9d / TA-Purplelab-SplunkLinks
Splunk add-on related to the PurpleLab tool
☆41Updated last year
Alternatives and similar repositories for TA-Purplelab-Splunk
Users that are interested in TA-Purplelab-Splunk are comparing it to the libraries listed below
Sorting:
- Generate MITRE ATT&CK and D3FEND from a list of CVEs. Database with CVE, CWE, CAPEC, MITRE ATT&CK and D3FEND Techniques data is updated d…☆257Updated this week
- CyberSecurity BLUE TEAM containerized platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and Network Analysis☆405Updated 2 months ago
- ☆190Updated last year
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once?☆58Updated 5 months ago
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!☆268Updated 6 months ago
- ☆218Updated last year
- Automation tool for Windows Deception Host Burn-In☆86Updated last year
- Security automation with n8n ideas: 100+ Red/Blue/AppSec workflows, integrations, and ready-to-run playbooks.☆223Updated 3 months ago
- Knowledge base on cybercriminal concealment techniques☆88Updated 7 months ago
- ☆119Updated 6 months ago
- BusPwn V1.0 is a powerful Modbus hacking framework designed for testing and exploiting vulnerabilities in Modbus-based systems commonly f…☆26Updated 8 months ago
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK☆190Updated 3 weeks ago
- This project is a Terraform-based implementation for deploying a Security Operations Center (SOC) using Kali Linux in AWS. It provides an…☆117Updated last year
- Modern honeypot supporting multiple services, realistic website cloning, and AI-powered features☆152Updated 2 weeks ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆123Updated 2 years ago
- Sniffing out well-known threat groups☆64Updated last year
- Parse and analyze a Windows Amcache.hve registry hive, VirusTotal integration.☆105Updated 4 months ago
- ☆35Updated last year
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆32Updated last month
- A comprehensive PowerShell-based threat hunting and incident response framework for Windows environments, built around Sysmon event analy…☆41Updated 5 months ago
- MISP Playbooks☆222Updated 2 months ago
- SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incide…☆116Updated 10 months ago
- Permiso Security has created a tool to query snowflake environments for evidence of compromise, based on indicators from Permiso and the …☆73Updated last year
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service☆31Updated last year
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆203Updated 3 weeks ago
- Mapping of open-source detection rules and atomic tests.☆191Updated 11 months ago
- Cyber threat intelligence tool suite.☆42Updated 8 months ago
- A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.☆427Updated 2 months ago
- Track C2 servers, tools, and botnets over time by framework and location☆43Updated 10 months ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆81Updated 8 months ago