SHolzhauer / elastic-tip
Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common format into Elasticsearch with the main goal of being used by the Security solution.
☆27Updated 8 months ago
Alternatives and similar repositories for elastic-tip:
Users that are interested in elastic-tip are comparing it to the libraries listed below
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation☆21Updated 7 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆39Updated 11 months ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- Using QRadar API☆20Updated 7 years ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- ☆63Updated last month
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Updated 4 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- Incident Response Network Tools☆24Updated 3 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆70Updated last year
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- automate your MISP installs☆67Updated 4 years ago
- OpenIOC rules to facilitate hunting for indicators of compromise☆37Updated 3 years ago
- Simulates a compromise in a cloud and container environment☆32Updated 3 months ago
- ☆33Updated 2 years ago
- Defence Against the Dark Arts☆34Updated 5 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 3 years ago
- ☆13Updated 2 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Updated 2 years ago
- ☆34Updated 4 years ago
- Learn about a network from a pcap file or reading from an interface☆28Updated 11 months ago
- Notes for High Availability MISP in AWS☆19Updated 5 years ago