benjaminjost / elastic-siem
Elastic SIEM template for docker
★18 · Updated 3 years ago
Alternatives and similar repositories for elastic-siem
Users that are interested in elastic-siem are comparing it to the libraries listed below
- IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS … ★10 · Updated last year
- A collection of scripts, tools, and configs for various OSes and applications, all free and/or open-source, to assist in impromptu Blue-… ★102 · Updated last year
- Security Onion + Automation + Response Lab including n8n and Velociraptor ★112 · Updated 2 years ago
- BLACK ESK SIEM is a SIEM platform built with Elasticsearch, Syslog-Ng and Kibana ★28 · Updated 2 years ago
- Sysmon and Wazuh integration with Sigma Sysmon rules [updated] ★68 · Updated 4 years ago
- Research repository tracking affected IPs from the Fortigate CVE-2022-40684 configuration leak by Belsen Group ★86 · Updated 7 months ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ★49 · Updated last week
- Snapshot, patch, health-check, and potentially roll back Windows VMs ★34 · Updated 7 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the… ★63 · Updated 2 years ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ★29 · Updated 11 months ago
- Repo for Automations and other solutions for Elastic SIEM/Security. ★18 · Updated 4 years ago
- This repository gives the best possible strategies for hunting ransomware ★26 · Updated 3 years ago
- BlueBox Malware analysis Box and Cyber threat intelligence. ★43 · Updated 3 years ago
- IOCPARSER.COM is a fast and reliable service that enables you to extract IOCs and intelligence from different data sources. ★35 · Updated 3 years ago
- Corelight@Home script ★43 · Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ★65 · Updated 3 years ago
- ADDS (Active Directory Domain Services) ★28 · Updated 2 years ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ★48 · Updated 2 months ago
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP) ★46 · Updated 4 years ago
- Threat Simulator for Enterprise Networks ★14 · Updated 3 years ago
- Collection of Dashboards for Threat Hunting and more! ★68 · Updated 4 years ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… ★33 · Updated 5 months ago
- A collection of various SIEM rules relating to malware family groups. ★69 · Updated last year
- Tool used to perform threat intelligence against packet data ★35 · Updated 7 months ago
- Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs… ★39 · Updated 4 months ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy a large number of different queries ★49 · Updated 2 years ago