PaloAltoNetworks / autofocus-lenz
A command line utility to aid in using autofocus for IR and research
☆27Updated 5 years ago
Alternatives and similar repositories for autofocus-lenz:
Users that are interested in autofocus-lenz are comparing it to the libraries listed below
- WebUI of MineMeld☆43Updated 2 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Engine of MineMeld☆141Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- pan-stix☆19Updated 7 years ago
- ☆38Updated 6 years ago
- Dashboards and loader for ROCK NSM dashboards☆48Updated 2 years ago
- ☆55Updated 3 years ago
- The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Network…☆21Updated 4 years ago
- A tool for bulk URL queries against Palo Alto Networks' PAN-DB cloud database☆18Updated last year
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Sysmon Splunk App☆46Updated 6 years ago
- Scripts for Bro IDS and ELK Stack☆56Updated 9 years ago
- MineMeld nodes for MISP☆19Updated last year
- Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec…☆106Updated 5 months ago
- Bro scripts for the ROCK platform. http://rocknsm.io☆33Updated last year
- ☆36Updated 8 years ago
- The Bro/Zeek language cheat sheet☆52Updated 12 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- Parse a report and import the events into MISP☆29Updated 9 years ago
- Logstash Input plugin by Blueliv☆27Updated last year
- Bit9 Platform☆20Updated 7 years ago
- A python client library for interfacing with the autofocus rest services☆19Updated 3 years ago
- ☆71Updated 3 years ago
- Report Generation from the Carbon Black REST API☆15Updated 3 years ago
- Docker container for MISP☆96Updated 6 years ago
- Detect Phishing with Bro IDS☆18Updated 8 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated 10 months ago