StamusNetworks / surimispLinks
Check IOC provided by a MISP instance on Suricata events
☆18Updated 6 years ago
Alternatives and similar repositories for surimisp
Users that are interested in surimisp are comparing it to the libraries listed below
Sorting:
- ☆25Updated 2 years ago
- ☆14Updated 7 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 7 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆34Updated 6 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Updated 7 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 9 years ago
- ☆13Updated 5 years ago
- Python script to automatically create sigma rules from The hive observables☆25Updated 6 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Updated 2 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated 2 years ago
- Validates yara rules and tries to repair the broken ones.☆39Updated 4 years ago
- Deploy MISP Project software with Vagrant.☆44Updated 5 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Updated 8 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 7 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆33Updated last week
- Virustotal Data to Timesketch☆17Updated 6 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 5 years ago
- hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hass…☆59Updated 11 months ago
- Historical Observations of Actionable Reputation Data☆13Updated 7 years ago
- ☆18Updated 7 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15Updated 6 years ago
- repo for sharing stuff☆17Updated last month
- CyCAT.org taxonomies☆15Updated 4 years ago
- Bro PCAP Processing and Tagging API☆28Updated 7 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 6 years ago