bammv / sguil
Sguil client for NSM
☆213 Updated 6 months ago
Related projects:
- A Simple QUEry and Report Tool ☆142 Updated 5 years ago
- Barnyard2 is a dedicated spooler for Snort's unified2 binary output format. ☆344 Updated 5 months ago
- Sandia Cyber Omni Tracker (SCOT) ☆244 Updated last year
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan ☆229 Updated 3 years ago
- Automated deployment scripts for the RockNSM network hunting distribution. ☆446 Updated last year
- ☆139 Updated 3 months ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou… ☆105 Updated 4 months ago
- Evolving directions on building the best Open Source Forensics VM ☆160 Updated 6 years ago
- A live dashboard for a real-time overview of threat intelligence from MISP instances ☆192 Updated last year
- Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases ☆148 Updated 6 months ago
- ☆200 Updated last year
- Alienvault ossim ☆118 Updated 5 years ago
- CIF v3 -- the fastest way to consume threat intelligence ☆181 Updated last year
- Snort + Barnyard2 + Pulledpork → The easy way! ☆166 Updated 3 years ago
- Web service for scanning pcaps with snort ☆108 Updated 6 years ago
- The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365 ☆178 Updated 4 years ago
- Repo for autosnort scripts. ☆157 Updated 3 years ago
- Miscellaneous useful scripts for my day to day projects ☆125 Updated 4 years ago
- File Scanning Framework ☆285 Updated 3 years ago
- OSSEC Documentation ☆137 Updated 8 months ago
- Suricata Extreme Performance Tuning guide ☆202 Updated 6 years ago
- Pulled Pork for Snort and Suricata rule management (from Google code) ☆419 Updated 3 years ago
- Tool for managing Zeek deployments. ☆53 Updated last month
- MozDef: The Mozilla Defense Platform ☆67 Updated 4 years ago
- DPS' Lightweight Investigation Notebook ☆421 Updated 8 months ago
- ☆167 Updated 3 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing ☆174 Updated 3 years ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search ☆420 Updated last month
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included. ☆128 Updated this week
- Honeypot Intelligence with Splunk ☆252 Updated 5 years ago