Security-Onion-Solutions / securityonion-image
☆47Updated last week
Related projects ⓘ
Alternatives and complementary repositories for securityonion-image
- ☆46Updated this week
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- ☆34Updated 3 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆49Updated last week
- OSSEM Common Data Model☆54Updated 2 years ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- A CALDERA plugin☆72Updated last week
- Convert Sigma rules to Wazuh rules☆56Updated 6 months ago
- A community event for security researchers to share their favorite notebooks☆106Updated 8 months ago
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- A collection of notebooks built for defensive and offensive operations.☆76Updated 4 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆83Updated 3 weeks ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆115Updated 4 years ago
- HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic…☆79Updated 4 months ago
- ☆84Updated this week
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆61Updated 3 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆113Updated last year
- Documentation for Zeek☆50Updated this week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 7 months ago
- A curated list of awesome things related to TheHive & Cortex☆172Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆107Updated 4 years ago
- Community driven repository of Playbooks and Apps for ThreatConnect.☆69Updated 3 months ago
- OSSEM Data Dictionaries☆58Updated 2 months ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆52Updated this week
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- automate your MISP installs☆66Updated 4 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated 10 months ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago