The-Shadowserver-Foundation / api_utils

Related projects: ⓘ

• infobloxopen / threat-intelligence
  ☆62Updated this week
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆72Updated 4 years ago
• NUKIB / misp
  Docker image for MISP
  ☆109Updated last week
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆121Updated 11 months ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆40Updated this week
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆82Updated this week
• Security-Onion-Solutions / securityonion-image
  ☆47Updated last week
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• corelight / threat-hunting-guide
  ☆43Updated 2 years ago
• activecm / pcap-stats
  Learn about a network from a pcap file or reading from an interface
  ☆26Updated 5 months ago
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆37Updated 2 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆55Updated 5 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆40Updated 4 months ago
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆91Updated 2 months ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆22Updated 3 years ago
• cisagov / ioc-scanner
  Search a filesystem for indicators of compromise (IoC).
  ☆66Updated 3 weeks ago
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆46Updated last week
• thinkst / canary-utils
  Collection of useful Canary tools
  ☆67Updated last week
• corelight / raspi-corelight
  Corelight@Home script
  ☆39Updated 11 months ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆34Updated 2 years ago
• enisaeu / IRtools
  The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams
  ☆58Updated 4 years ago
• amuehlem / MISP-RPM
  RPM packages for MISP
  ☆32Updated 2 weeks ago
• enisaeu / CNW
  Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States…
  ☆47Updated last week
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆66Updated last year
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆62Updated last year
• rstcloud / rstthreats
  Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked …
  ☆34Updated last month
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆48Updated 2 weeks ago
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆49Updated 2 weeks ago
• juaromu / wazuh-nmap
  ☆17Updated 2 years ago