Prelude-SIEM / prelude-correlator
The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository
☆10Updated 4 years ago
Alternatives and similar repositories for prelude-correlator:
Users that are interested in prelude-correlator are comparing it to the libraries listed below
- Firepit - STIX Columnar Storage☆16Updated 10 months ago
- CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools☆16Updated 2 years ago
- We publish indicators of compromise related to our stories here. See https://blog.team-cymru.com/ for more information.☆9Updated 3 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 8 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- CyCAT.org taxonomies☆14Updated 3 years ago
- A mapping project between tags (annotations, labels) and domain names☆11Updated last year
- A few quick recipes for those that do not have much time during the day☆22Updated 6 months ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 7 months ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Hosted analyzers built for Grapl☆13Updated 2 years ago
- D4 core software (server and sample sensor client)☆42Updated last year
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆24Updated 8 years ago
- ☆15Updated 7 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Updated 2 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- External twitter feeder for AIL framework☆16Updated 2 years ago
- cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilit…☆25Updated 7 years ago
- OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker☆14Updated last year
- ☆15Updated 3 years ago
- Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes☆16Updated 2 years ago
- HoneyDB Python Module☆13Updated last year
- This repository contains generated contextual data utilized by pyattck.☆19Updated last month
- Automate the regular transfer of AIS data into a MISP Server☆9Updated 10 months ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆32Updated 2 months ago
- Potiron - Normalize, Index and Visualize Network Capture☆85Updated 6 years ago
- Following repository contains source codes used in my two Books.☆11Updated 9 years ago
- ☆11Updated 7 years ago
- ☆11Updated 4 years ago