pollen - A command-line tool for interacting with TheHive
☆36Jun 6, 2019Updated 6 years ago
Alternatives and similar repositories for pollen
Users that are interested in pollen are comparing it to the libraries listed below
Sorting:
- A curated list of awesome things related to TheHive & Cortex☆185Oct 9, 2021Updated 4 years ago
- ☆14May 30, 2018Updated 7 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆36Jun 1, 2023Updated 2 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Jul 13, 2018Updated 7 years ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- Writeups of some of PicoCTF 2017 challenges.☆10Aug 3, 2018Updated 7 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆10Sep 11, 2020Updated 5 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- Tool to parse SRU database☆25Mar 1, 2018Updated 7 years ago
- Scripts for TheHive.☆23Nov 15, 2019Updated 6 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Apr 20, 2018Updated 7 years ago
- Sys Mon! Why yu nuh logging dat?☆12Dec 10, 2018Updated 7 years ago
- A Golang API for TheHive☆13Sep 3, 2020Updated 5 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- ☆23May 19, 2019Updated 6 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆505Oct 21, 2022Updated 3 years ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- Awesome VirusTotal Intelligence Search Queries☆332May 16, 2023Updated 2 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Jul 13, 2017Updated 8 years ago
- Tools for macOS Forensic Bootable media☆15May 20, 2020Updated 5 years ago
- ☆13Apr 8, 2022Updated 3 years ago
- Slides from my AD Privesc talk at WAHCKon 2017☆16May 6, 2017Updated 8 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- Parses the WMI object database....looking for persistence☆34Dec 12, 2019Updated 6 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆14Mar 4, 2019Updated 6 years ago
- A lightweight C++/C AFF4 reader library☆14Feb 5, 2026Updated 3 weeks ago
- Dockerfiles for containerized osquery☆14May 23, 2017Updated 8 years ago
- IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228☆16Dec 19, 2021Updated 4 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15May 18, 2019Updated 6 years ago