Alternatives and similar repositories for elastic-tip:

Users that are interested in elastic-tip are comparing it to the libraries listed below

• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆21Updated 7 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆39Updated 11 months ago
• TheHive-Project / Synapse
  Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
  ☆71Updated last year
• stahler / QRadar
  Using QRadar API
  ☆20Updated 7 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆53Updated 4 years ago
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Updated 2 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 5 months ago
• clausing / scripts
  ☆63Updated last month
• Acheron-VAF / Acheron
  Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.
  ☆32Updated 2 years ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 4 years ago
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆44Updated 4 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated last year
• PolitoInc / ELK-Hunting
  Threat Hunting with ELK Workshop (InfoSecWorld 2017)
  ☆66Updated 7 years ago
• da667 / AutoMISP
  automate your MISP installs
  ☆67Updated 4 years ago
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆37Updated 3 years ago
• cado-security / CloudAndContainerCompromiseSimulator
  Simulates a compromise in a cloud and container environment
  ☆32Updated 3 months ago
• Security-Onion-Solutions / securityonion-cloud
  ☆33Updated 2 years ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 4 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• neu5ron / es_stk
  ☆13Updated 2 years ago
• mytechnotalent / Zeek-Network-Security-Monitor
  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…
  ☆62Updated 2 years ago
• weslambert / securityonion-misp
  ☆34Updated 4 years ago
• activecm / pcap-stats
  Learn about a network from a pcap file or reading from an interface
  ☆28Updated 11 months ago
• 0xtf / HAMISPA
  Notes for High Availability MISP in AWS
  ☆19Updated 5 years ago