Nclose-ZA / elastalert_hive_alerter
This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.
☆27 · May 18, 2021 · Updated 4 years ago
Alternatives and similar repositories for elastalert_hive_alerter
Users that are interested in elastalert_hive_alerter are comparing it to the libraries listed below.
- Cape Town BSides Capture the Flag by Nclose, https://bsidescapetown.co.za/ (☆12, Dec 20, 2019, updated 6 years ago)
- A collection of Cortex Analyzers and Responders for TheHive/Cortex (☆13, Jan 29, 2020, updated 6 years ago)
- This package allows for creating alerts in TheHive from emails retrieved from a Microsoft Exchange mailbox. (☆12, Jul 13, 2017, updated 8 years ago)
- This repository contains a few examples of actions that can be added to rules within Elastic Security. (☆24, Feb 6, 2025, updated last year)
- PowerShell functions to interact with TheHive-Project (☆11, Jun 27, 2019, updated 6 years ago)
- Miscellaneous Dockers (☆47, Aug 26, 2021, updated 4 years ago)
- Ansible role to install auditbeat for security monitoring (ruleset included) (☆16, Nov 16, 2023, updated 2 years ago)
- A repository to share contributions related to TheHive Project (☆22, Sep 15, 2021, updated 4 years ago)
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting. (☆58, Mar 18, 2022, updated 3 years ago)
- Incident response scripts (☆18, Mar 4, 2019, updated 6 years ago)
- Kestrel Jupyter Notebook Kernel (☆10, Oct 19, 2023, updated 2 years ago)
- CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger) (☆12, Apr 18, 2018, updated 7 years ago)
- Sysmon Tools for PowerShell (☆12, Aug 17, 2018, updated 7 years ago)
- Indicator of Compromise Mapping Service (☆12, Apr 15, 2014, updated 11 years ago)
- Top DNS Measurement for Bro (☆11, Aug 22, 2020, updated 5 years ago)
- Python script to automatically create Sigma rules from TheHive observables (☆25, Mar 17, 2019, updated 6 years ago)
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform (☆71, Jul 28, 2023, updated 2 years ago)
- Scripts for TheHive. (☆23, Nov 15, 2019, updated 6 years ago)
- Parse Suricata rules (☆13, Aug 1, 2023, updated 2 years ago)
- A Golang API for TheHive (☆13, Sep 3, 2020, updated 5 years ago)
- (no description) (☆13, Jul 30, 2021, updated 4 years ago)
- Crack your macros like the math pros. (☆33, Feb 14, 2017, updated 8 years ago)
- Threat Feed Aggregation, Made Easy (☆169, Jul 13, 2020, updated 5 years ago)
- Documentation of TheHive (☆400, Sep 20, 2023, updated 2 years ago)
- Broctl plugin for automatically executing 'setcap' on each node after an install (☆13, Dec 18, 2020, updated 5 years ago)
- Read-only mirror. To contribute or submit issues, please go to the website link. (☆15, Jul 25, 2023, updated 2 years ago)
- Maltego entity pack encompassing the entire STIX 1.2 data model and a targeted subset of the CybOX 2.1 data model (☆11, Mar 24, 2016, updated 9 years ago)
- Cyber Analytics Platform and Examination System (CAPES) Project Page (☆60, Aug 3, 2019, updated 6 years ago)
- Actionable analytics designed to combat threats (☆1,006, May 25, 2022, updated 3 years ago)
- A tool to modify timestamps in a packet capture to a user-selected date (☆31, Aug 11, 2021, updated 4 years ago)
- An informational repo about hunting for adversaries in your IT environment. (☆14, Apr 10, 2017, updated 8 years ago)
- SACTI - Securely aggregate CTI sightings and report them on MISP (☆14, Oct 24, 2022, updated 3 years ago)
- Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma) (☆14, Feb 1, 2021, updated 5 years ago)
- (no description) (☆18, Jan 18, 2022, updated 4 years ago)
- (no description) (☆53, Mar 4, 2019, updated 6 years ago)
- Create a cool process tree like https://twitter.com/ACEResponder. (☆35, Mar 1, 2023, updated 2 years ago)
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. (☆35, Jul 8, 2019, updated 6 years ago)
- A Docker container for Moloch based on minimal Debian (☆13, Jun 23, 2017, updated 8 years ago)
- Integration between MISP platform and McAfee MVISION EDR (☆14, Mar 14, 2022, updated 3 years ago)