RyPeck / python-LEEFLinks
Python Module for creating Log Event Extended Format events for IBM QRadar
☆12Updated 9 years ago
Alternatives and similar repositories for python-LEEF
Users that are interested in python-LEEF are comparing it to the libraries listed below
Sorting:
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Updated 11 years ago
- This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.☆47Updated 11 years ago
- Metadata Inspection Database Alerting System☆42Updated 11 years ago
- integrating bro into yara☆33Updated 10 years ago
- Threat Intelligence distribution☆30Updated 9 years ago
- Bro-IDS scripts☆50Updated 8 years ago
- ☆36Updated 8 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago
- CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)☆41Updated 12 years ago
- ☆71Updated 3 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- API Tools☆27Updated 9 years ago
- ☆85Updated 11 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- Script for generating Bro intel files from pdf or html reports☆77Updated 9 years ago
- ☆24Updated 5 years ago
- Improvements of/over the original rule2alert☆56Updated 10 years ago
- A dumb set of scripts for building a cuckoo rig☆61Updated 8 years ago
- An ICAP Server with yara scanner for URL and content.☆59Updated 5 months ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch☆61Updated 8 years ago
- Python interface to the CRITs API☆22Updated 8 years ago
- Bro scripts to be shared with the community☆109Updated 12 years ago
- Bro Snippets☆21Updated 10 years ago
- CRITs IOC Visualization in Maltego☆28Updated 10 years ago
- A collection of Bro scripts I've written☆40Updated 10 years ago
- Bit9 Platform☆20Updated 7 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- ☆28Updated 8 years ago
- YETI is a TAXII implementation☆46Updated 6 years ago
- Ansible playbook to install Malware Information Sharing Platform (MISP)☆17Updated 10 years ago