TheHive-Project / docsLinks
Official documentation for TheHive Project applications
☆21Updated last year
Alternatives and similar repositories for docs
Users that are interested in docs are comparing it to the libraries listed below
Sorting:
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Updated 5 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 4 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Corelight@Home script☆42Updated last year
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated last month
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 4 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆71Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆65Updated 2 years ago
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- Incident Response Network Tools☆24Updated 4 years ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- Workflows for Shuffle☆23Updated 2 years ago
- ☆42Updated 3 weeks ago
- DNS Dashboard for hunting and identifying beaconing☆16Updated 5 years ago
- Threat Simulator for Enterprise Networks☆14Updated 3 years ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 5 months ago
- Visual Studio Code extension for MITRE ATT&CK☆54Updated last year
- Automatic detection engineering technical state compliance☆55Updated last year
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆34Updated 7 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 5 years ago
- OSSEM Common Data Model☆56Updated 2 years ago
- ☆34Updated 2 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆111Updated 2 years ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Updated 7 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Collection of Dashboards for Threat Hunting and more!☆68Updated 4 years ago
- This repository contains advanced threat hunting scripts for Cisco Secure Endpoint API. The scripts leverage the AMP API to hunt for thre…☆14Updated last month
- Lua plugin to extract data from Wireshark and convert it into MISP format☆48Updated last year
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…☆15Updated 4 years ago