PaloAltoNetworks / minemeld
Main MineMeld documentation repo
☆378 · Updated 7 years ago
Alternatives and similar repositories for minemeld
Users that are interested in minemeld are comparing it to the libraries listed below
- Engine of MineMeld (☆140, updated 2 years ago)
- Automated deployment scripts for the RockNSM network hunting distribution. (☆454, updated last year)
- Documentation of TheHive (☆398, updated last year)
- Prototypes for MineMeld nodes (☆39, updated 3 years ago)
- Documentation of Cortex (☆174, updated last year)
- (no description) (☆216, updated last year)
- CASCADE Server (☆270, updated 2 years ago)
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook. (☆246, updated 3 years ago)
- Python API Client for TheHive (☆229, updated this week)
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac… (☆866, updated 4 years ago)
- Threat Feed Aggregation, Made Easy (☆168, updated 4 years ago)
- The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365 (☆180, updated 5 years ago)
- Evolving directions on building the best Open Source Forensics VM (☆160, updated 6 years ago)
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c… (☆129, updated 2 years ago)
- MISP Docker (XME edition) (☆282, updated last year)
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic… (☆221, updated 4 months ago)
- Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec… (☆107, updated 8 months ago)
- DEPRECATED - USE v3 (bearded-avenger) (☆228, updated 7 years ago)
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv… (☆338, updated 2 years ago)
- Modules for expansion services, enrichment, import and export in MISP and other tools. (☆354, updated 3 weeks ago)
- CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities (☆186, updated last year)
- DPS' Lightweight Investigation Notebook (☆432, updated last year)
- Phantom Community Playbooks (☆502, updated last week)
- User guide of MISP (☆270, updated 5 months ago)
- TAXII server implementation in Python from EclecticIQ (☆199, updated last year)
- Splunk code (SPL) for serious threat hunters and detection engineers. (☆284, updated last year)
- Sandia Cyber Omni Tracker (SCOT) (☆248, updated 7 months ago)
- Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course (https://www.sans.org/course/i… (☆229, updated 5 months ago)
- FireEye Publicly Shared Indicators of Compromise (IOCs) (☆467, updated 6 years ago)
- Sample code that uses QRadar APIs (☆204, updated 5 years ago)