SecurityNik / QRadar---Threat-Intelligence-On-The-Cheap
Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs
☆68Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for QRadar---Threat-Intelligence-On-The-Cheap
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- ☆55Updated 2 years ago
- A Splunk app to use MISP in background☆109Updated 3 weeks ago
- A Splunk app with saved reports derived from Sigma rules☆72Updated 6 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- ☆48Updated 4 years ago
- Imports Alienvault OTX pulses to a MISP instance☆52Updated 3 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 3 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆107Updated 4 years ago
- A collection of notebooks built for defensive and offensive operations.☆76Updated 4 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆36Updated last year
- Carbon Black Feeds☆70Updated last year
- Multithreaded threat Intelligence gathering built with Python3☆171Updated 6 years ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆65Updated 4 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆123Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Updated 8 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 10 years ago
- ☆48Updated 8 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year
- QRadio ~ Best Threat Intelligence Radio ~ Tune In!☆96Updated 8 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆92Updated 2 years ago
- All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns☆65Updated 3 years ago
- Hunting IOCs all day every day...☆83Updated last year
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- An OpenTAXII Configuration for MISP☆80Updated 2 years ago