SHolzhauer / elastic-tip
Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common format into Elasticsearch with the main goal of being used by the Security solution.
☆27Updated 8 months ago
Alternatives and similar repositories for elastic-tip:
Users that are interested in elastic-tip are comparing it to the libraries listed below
- Learn about a network from a pcap file or reading from an interface☆28Updated last year
- ☆34Updated 4 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- automate your MISP installs☆67Updated 4 years ago
- OpenIOC rules to facilitate hunting for indicators of compromise☆37Updated 3 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Updated 2 years ago
- ☆65Updated 2 months ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- CSIRT Jump Bag☆26Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆40Updated last year
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆53Updated this week
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 3 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- A collection of tips for using MISP.☆74Updated 4 months ago
- Simulates a compromise in a cloud and container environment☆32Updated 4 months ago
- Incident Response Network Tools☆24Updated 3 years ago
- Kestrel Jupyter Notebook Kernel☆9Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated this week
- Wrap any binary into a cached webserver☆53Updated 3 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 3 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Using QRadar API☆20Updated 7 years ago