arosenmund / DCO
☆11Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for DCO
- Import Bro logs from SecurityOnion into Logstash☆15Updated 9 years ago
- Carbon Black Feeds☆70Updated last year
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago
- ☆48Updated 4 years ago
- Sysmon Splunk App☆46Updated 6 years ago
- The Bro/Zeek language cheat sheet☆50Updated 11 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- ☆55Updated 2 years ago
- Collecting & Hunting for IOCs with gusto and style☆116Updated 6 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated 9 months ago
- ☆36Updated 8 years ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- Splunk Boss of the SOC v1 data set.☆111Updated 6 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Updated 8 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 10 years ago
- Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …☆76Updated 6 years ago
- Office365 Log Analysis Framework☆81Updated 5 years ago
- Volatility plugins developed and maintained by the community☆21Updated 2 months ago
- ☆48Updated 8 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- CB API scripts for IR, administration, etc.☆32Updated 5 years ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆90Updated 7 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- MineMeld nodes for MISP☆18Updated 9 months ago