Prelude-SIEM / prelude-correlator

Related projects: ⓘ

• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆15Updated 3 months ago
• COSSAS / sacti
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆13Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆14Updated 3 years ago
• csirt-tooling-org / csirt-tooling-best-practices
  CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
  ☆16Updated 2 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆17Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated 9 months ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated 11 months ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 3 years ago
• CyberSift / OSQUERY-PACKS
  Osquery Packs we use for customer security hardening
  ☆12Updated 6 months ago
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆27Updated 4 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆13Updated 4 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• nccgroup / JA3_outlier
  Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes
  ☆15Updated 2 years ago
• idaholab / EMV
  Exploit, Malware and Vulnerability Scoring Application
  ☆11Updated 11 months ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆17Updated 5 months ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆32Updated this week
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 7 years ago
• ElasticSA / elsec_dr2an
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Updated last year
• MISP / misp-privacy-aware-exchange
  A privacy-aware exchange module to securely and privately share your indicators
  ☆13Updated 7 years ago
• D4-project / d4-core
  D4 core software (server and sample sensor client)
  ☆43Updated 8 months ago
• csirt-tooling-org / tooling-directory
  Tools used by CSIRT and especially in the scope of CNW
  ☆14Updated 3 months ago
• certtools / tag2domain
  A mapping project between tags (annotations, labels) and domain names
  ☆11Updated 4 months ago