SHolzhauer / elastic-tip
Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common format into Elasticsearch with the main goal of being used by the Security solution.
☆27Updated 8 months ago
Alternatives and similar repositories for elastic-tip:
Users that are interested in elastic-tip are comparing it to the libraries listed below
- Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation☆21Updated 7 years ago
- automate your MISP installs☆67Updated 4 years ago
- Using QRadar API☆20Updated 7 years ago
- ☆34Updated 4 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- Legal, procedural and policies document templates for operating MISP and information sharing communities☆38Updated 2 years ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆53Updated last week
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- ☆63Updated last month
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- Incident Response Plan for all major incidents including cheatsheets for both linux and windows☆14Updated 4 years ago
- Example Suricata rules implementing some of my detection tactics☆20Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- Incident Response Network Tools☆24Updated 3 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆102Updated 9 months ago
- ☆12Updated 5 years ago
- Learn about a network from a pcap file or reading from an interface☆28Updated 11 months ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- A collection of tips for using MISP.☆74Updated 3 months ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆39Updated 11 months ago
- ☆16Updated 4 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Updated 4 years ago