Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
☆17, Feb 17, 2023, updated 3 years ago
Alternatives and similar repositories for mans_to_es
Users that are interested in mans_to_es are comparing it to the libraries listed below
- SACTI - Securely aggregate CTI sightings and report them on MISP (☆14, Oct 24, 2022, updated 3 years ago)
- Python API for the LimaCharlie.io service. (☆23, updated this week)
- Generate bulk YARA rules from YAML input (☆22, Feb 3, 2020, updated 6 years ago)
- PowerShell script to facilitate the processing of SRUM data for on-the-fly forensics and, if needed, threat hunting (☆23, Oct 26, 2019, updated 6 years ago)
- Decode security descriptors in $Secure on NTFS (☆22, Feb 24, 2022, updated 4 years ago)
- Python script to automatically create Sigma rules from TheHive observables (☆25, Mar 17, 2019, updated 6 years ago)
- Publicly shareable Windows event log message data (☆28, Nov 29, 2019, updated 6 years ago)
- ☆33, updated this week
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon… (☆12, Apr 27, 2023, updated 2 years ago)
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling (☆33, Dec 9, 2024, updated last year)
- ☆10, Dec 5, 2017, updated 8 years ago
- Web interface to IntelMQ (☆10, Sep 10, 2025, updated 5 months ago)
- Different DFIR and CTI utilities (☆39, May 13, 2020, updated 5 years ago)
- ☆11, May 8, 2022, updated 3 years ago
- Validates YARA rules and tries to repair the broken ones. (☆41, Sep 5, 2020, updated 5 years ago)
- ☆10, Feb 25, 2021, updated 5 years ago
- Collection of malware IOC hashes from blog posts. A Python script is provided to search through it. (☆19, Sep 10, 2020, updated 5 years ago)
- Regular expression search on the command line (☆16, Mar 31, 2025, updated 11 months ago)
- The repository contains Criminal IP Asset Search data in STIX 2.1 JSON format, enabling a quick understanding of threat information for s… (☆11, Jan 29, 2024, updated 2 years ago)
- Scripts and ideas shared with the community. (☆14, Feb 27, 2026, updated last week)
- BSides, OWASP, DEFCON, RSAC, SANS talk material, references and extra bits (☆14, Jul 19, 2025, updated 7 months ago)
- NTOP nDPI library example usage and FFI bindings for Lua, NodeJS (☆13, Jan 29, 2018, updated 8 years ago)
- Threat intelligence resource repository for SOCs (☆10, Sep 14, 2018, updated 7 years ago)
- Total Anomaly Detection System for software logs and traces (☆10, Dec 7, 2015, updated 10 years ago)
- ☆14, Sep 28, 2023, updated 2 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules (☆10, Feb 5, 2021, updated 5 years ago)
- Kestrel Jupyter Notebook Kernel (☆10, Oct 19, 2023, updated 2 years ago)
- My Logstash plugins. Filter: sig (for security detection -> IOC, sig, new value, reference, link, frequency, ...). Output: alert created by … (☆10, Jul 26, 2019, updated 6 years ago)
- A Sigma-based detection pipeline (☆13, Dec 15, 2023, updated 2 years ago)
- Transform EQL detection rules to VQL artifacts (☆12, Nov 12, 2021, updated 4 years ago)
- Automation Framework has many tools commonly used for network automation (☆10, Sep 4, 2025, updated 6 months ago)
- Repository for integration with Apache Kafka (☆14, Jul 22, 2022, updated 3 years ago)
- The hub for all JATS4R meeting notes, examples, draft recommendations, documents, and issues. (☆17, Sep 8, 2019, updated 6 years ago)
- ☆10, Feb 7, 2026, updated 3 weeks ago
- Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on YARA signatures. (☆108, Mar 13, 2018, updated 7 years ago)
- Query.AI plugin for Kibana (☆13, Nov 10, 2019, updated 6 years ago)
- Mimikatz HashClash (☆12, May 8, 2015, updated 10 years ago)
- Live events map as a Kibana plugin (☆11, Aug 10, 2017, updated 8 years ago)
- Install Proxmox 4 on a fresh Debian Jessie. Manage storages & containers (☆11, Apr 21, 2017, updated 8 years ago)