LDO-CERT / mans_to_es
Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
☆16, Feb 17, 2023, updated 2 years ago
Alternatives and similar repositories for mans_to_es
Users that are interested in mans_to_es are comparing it to the libraries listed below
- An informational repo about hunting for adversaries in your IT environment. (☆14, Apr 10, 2017, updated 8 years ago)
- Python API for the LimaCharlie.io service. (☆21, updated this week)
- Generate bulk YARA rules from YAML input (☆22, Feb 3, 2020, updated 6 years ago)
- Python script to automatically create sigma rules from The hive observables (☆25, Mar 17, 2019, updated 6 years ago)
- (no description) (☆33, updated this week)
- Publicly shareable windows event log message data (☆28, Nov 29, 2019, updated 6 years ago)
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon… (☆12, Apr 27, 2023, updated 2 years ago)
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling (☆33, Dec 9, 2024, updated last year)
- Web interface to IntelMQ (☆10, Sep 10, 2025, updated 5 months ago)
- Different DFIR and CTI utilities (☆38, May 13, 2020, updated 5 years ago)
- Validates yara rules and tries to repair the broken ones. (☆41, Sep 5, 2020, updated 5 years ago)
- The desktop clock application for multiple time zones 🕒🌍🕕 (☆16, updated this week)
- The repository contains Criminal IP Asset Search data in STIX 2.1 JSON format, enabling a quick understanding of threat information for s… (☆11, Jan 29, 2024, updated 2 years ago)
- domain information in JSON format (☆10, Jun 7, 2017, updated 8 years ago)
- Repository resource threat intelligence for SOC (☆10, Sep 14, 2018, updated 7 years ago)
- Ansible playbook to convert Sigma rules to ElastAlert rules (☆10, Feb 5, 2021, updated 5 years ago)
- Kestrel Jupyter Notebook Kernel (☆10, Oct 19, 2023, updated 2 years ago)
- A Sigma based detection pipeline (☆13, Dec 15, 2023, updated 2 years ago)
- The hub for all JATS4R meeting notes, examples, draft recommendations, documents, and issues. (☆17, Sep 8, 2019, updated 6 years ago)
- Transform EQL detection rules to VQL artifacts (☆12, Nov 12, 2021, updated 4 years ago)
- Total Anomaly Detection System for software logs and traces (☆10, Dec 7, 2015, updated 10 years ago)
- (no description) (☆14, Jan 29, 2026, updated 2 weeks ago)
- Automation Framework has many tools commonly used for Network Automation (☆10, Sep 4, 2025, updated 5 months ago)
- Lists a public S3 bucket (☆13, Oct 17, 2015, updated 10 years ago)
- Scripts and ideas shared with the community. (☆14, Dec 8, 2025, updated 2 months ago)
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by … (☆10, Jul 26, 2019, updated 6 years ago)
- (no description) (☆14, Sep 28, 2023, updated 2 years ago)
- Lockheed Martin developed utility to combine multiple CycloneDX SBOMs (☆13, Jan 16, 2023, updated 3 years ago)
- Elasticsearch based secondary index for Cassandra used by Genesys UCS (☆14, Sep 1, 2025, updated 5 months ago)
- Mimikatz HashClash (☆12, May 8, 2015, updated 10 years ago)
- Live events map as a Kibana plugin (☆11, Aug 10, 2017, updated 8 years ago)
- (no description) (☆15, Mar 13, 2018, updated 7 years ago)
- Reflex SOAR (☆12, Apr 1, 2022, updated 3 years ago)
- Application for the Elastic Stack monitoring (☆13, Dec 6, 2025, updated 2 months ago)
- CTF designed for Middle School-aged kids (☆12, Oct 18, 2024, updated last year)
- Public Chronicle Detection Rules (☆12, Apr 25, 2023, updated 2 years ago)
- A few Ansible plug-ins I've written for personal use (☆13, Feb 16, 2021, updated 4 years ago)
- (no description) (☆15, Sep 24, 2024, updated last year)
- Django web interface for managing Yara rules (☆197, Jul 28, 2018, updated 7 years ago)