Elastic version of SOC Prime Watcher rules (☆30, Oct 14, 2024, updated last year)
Alternatives and similar repositories for Elasticsearch_rules
Users who are interested in Elasticsearch_rules are comparing it to the repositories listed below.
- Mapping Corelight or Zeek data to Elastic Common Schema logs (☆12, Dec 21, 2025, updated 2 months ago)
- Scripts to check for security issues with SSH keys and authorized_keys files on Linux and other Unix-like operating systems (☆23, Sep 29, 2025, updated 5 months ago)
- A Shodan-based tool to discover publicly exposed Ollama instances and list available LLM models (☆20, May 27, 2025, updated 9 months ago)
- PowerShell-based tool for gathering information related to O365 intrusions and potential breaches (☆17, Dec 29, 2024, updated last year)
- Mapping Corelight or Zeek data to Elastic Common Schema fields (☆33, Nov 3, 2025, updated 4 months ago)
- FireEye iSIGHT alert feeder for TheHive, an open-source and free security incident response platform (☆16, Oct 12, 2018, updated 7 years ago)
- Proof-of-concept communications from C# via a web browser process (☆21, Feb 15, 2019, updated 7 years ago)
- Repo for experimenting with and testing MCP server builds for CTI-related research (☆27, May 13, 2025, updated 9 months ago)
- A Model Context Protocol server that provides access to Shodan API functionality (☆40, Jun 29, 2025, updated 8 months ago)
- Python script to automatically create Sigma rules from TheHive observables (☆25, Mar 17, 2019, updated 6 years ago)
- Exam Report Template - eWPT (☆24, Oct 18, 2021, updated 4 years ago)
- Sandbox samples and monitor them with kunai (☆29, Jun 24, 2025, updated 8 months ago)
- This repo hosts an MCP server for volatility3.x (☆39, Jul 9, 2025, updated 7 months ago)
- A class validation and transformation library, to ensure secure data structures in Python (☆10, May 16, 2024, updated last year)
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… (☆149, Jul 9, 2025, updated 7 months ago)
- Repo for my scripts that I've made for work done; not all are functional, some are abandoned or WIP (☆10, Jan 9, 2026, updated last month)
- A minimalist Hugo theme that helps you build fully responsive documentation websites for small projects (☆10, Oct 19, 2021, updated 4 years ago)
- A Los Angeles Times analysis of helicopter accident rates (☆11, Dec 21, 2020, updated 5 years ago)
- netbeacon - monitoring your network capture, NIDS or network analysis process (☆19, Oct 26, 2013, updated 12 years ago)
- Wafid allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website (☆10, Oct 19, 2020, updated 5 years ago)
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It… (☆14, Jul 20, 2025, updated 7 months ago)
- DeTT&CT Editor (☆12, Jan 21, 2026, updated last month)
- MISP to Microsoft Defender integration (☆16, Feb 24, 2026, updated last week)
- Zeek support for Community ID flow hashing (☆36, Jul 11, 2023, updated 2 years ago)
- Inspired by the TryHackMe.com room "Python for Pentesters" (☆10, Jun 9, 2024, updated last year)
- A Node.js web application honeypot (☆47, Aug 23, 2015, updated 10 years ago)
- PhishDetect is a library to help identify phishing pages (☆108, May 11, 2023, updated 2 years ago)
- This library allows you to track the commits from the Facepunch site (☆10, Mar 30, 2023, updated 2 years ago)
- How can you track the hunting techniques you come up with? (☆13, Sep 3, 2017, updated 8 years ago)
- Magento Security Scanner (☆13, Jan 10, 2022, updated 4 years ago)