Cyber Analytics Platform and Examination System (CAPES) Project Page
☆60 Aug 3, 2019 Updated 6 years ago
Alternatives and similar repositories for capes
Users that are interested in capes are comparing it to the libraries listed below
- Range Traffic Generator - Used to simulate browsing traffic on a range. ☆11 May 24, 2017 Updated 8 years ago
- Automated deployment scripts for the RockNSM network hunting distribution. ☆456 Jul 2, 2023 Updated 2 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings ☆122 Jul 12, 2021 Updated 4 years ago
- Dashboards and loader for ROCK NSM dashboards ☆49 Mar 13, 2023 Updated 2 years ago
- Download a Bunch of Malware for Demos and Testing ☆13 Sep 28, 2018 Updated 7 years ago
- Live events map as a Kibana plugin ☆11 Aug 10, 2017 Updated 8 years ago
- ☆13 Apr 8, 2022 Updated 3 years ago
- A Docker container for Moloch based on minimal Debian ☆13 Jun 23, 2017 Updated 8 years ago
- Threat Alert Logic Repository ☆93 Feb 7, 2019 Updated 7 years ago
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs. ☆32 Aug 31, 2023 Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… ☆94 Aug 30, 2022 Updated 3 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. ☆35 Jul 8, 2019 Updated 6 years ago
- A web-based tool to assist the work of the intuitive threat analysts. ☆114 Feb 9, 2019 Updated 7 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed. ☆20 May 25, 2022 Updated 3 years ago
- TAXII 2.0 Server implemented in Node JS with MongoDB backend ☆12 Jan 3, 2023 Updated 3 years ago
- ☆53 Mar 4, 2019 Updated 6 years ago
- Passive Network Audit Framework ☆32 May 17, 2018 Updated 7 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆22 Jan 30, 2018 Updated 8 years ago
- Web interface to IntelMQ ☆10 Sep 10, 2025 Updated 5 months ago
- 16,432 Free Yara rules created by ☆390 Jun 1, 2019 Updated 6 years ago
- The Intelligent Honey Net Project attempts to create actionable information from honeypots ☆65 Nov 5, 2015 Updated 10 years ago
- Automated Use Case Testing ☆171 May 1, 2018 Updated 7 years ago
- Dockerfiles for NSM tools ☆84 Apr 14, 2017 Updated 8 years ago
- Query and report user logons relations from MS Windows Security Events ☆243 Aug 9, 2018 Updated 7 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) ☆65 Oct 31, 2017 Updated 8 years ago
- Yara rules I've written ☆10 Dec 9, 2015 Updated 10 years ago
- Zeek script library for getting the effective TLD of a domain. ☆13 Apr 12, 2024 Updated last year
- Scripts used to create ISO installers of ROCK for offline installation. ☆10 Mar 13, 2023 Updated 2 years ago
- Python script to automatically create sigma rules from TheHive observables ☆25 Mar 17, 2019 Updated 6 years ago
- bro on debian with elasticsearch support ☆24 Mar 27, 2017 Updated 8 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py. ☆26 May 18, 2021 Updated 4 years ago
- SIAC is an enterprise SIEM built on open-source technology. ☆113 Oct 31, 2018 Updated 7 years ago
- Debian and Red Hat packaging for SIE DNS sensor ☆15 May 5, 2023 Updated 2 years ago
- Code for Rumal Backend that will interface with Thug Daemon ☆11 Nov 24, 2016 Updated 9 years ago
- Bro Intel Feed Linter ☆26 Aug 30, 2019 Updated 6 years ago
- A Yara rule generator for finding related samples and hunting ☆162 Sep 11, 2022 Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format. ☆79 May 6, 2022 Updated 3 years ago
- A script to track malware IOCs with OSINT on Twitter. ☆54 May 3, 2024 Updated last year
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… ☆28 Apr 18, 2018 Updated 7 years ago