corelight / corelight-clientLinks
Corelight Sensor API command-line client
☆17Updated 2 months ago
Alternatives and similar repositories for corelight-client
Users that are interested in corelight-client are comparing it to the libraries listed below
Sorting:
- Zeek package for tracking long connections to report them before they have completed.☆30Updated 4 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆28Updated last year
- Zeek support for Community ID flow hashing.☆35Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 3 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- Docker files for Security Onion☆41Updated 4 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆10Updated 4 years ago
- Best practices in threat intelligence☆47Updated 2 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Updated 3 years ago
- Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers.☆17Updated last year
- Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.☆19Updated 3 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- A Python implementation of the Community ID flow hashing standard☆23Updated last year
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- Puppet module that hardens Windows Server to DoD STIG compliance☆14Updated 5 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 4 months ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Updated 5 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- Materials used and mentioned during my talk at SANS Cloud Security Summit 2018 in San Diego☆23Updated 7 years ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- Enables Zeek to communicate with Tenzir☆11Updated last year
- Documentation for Zeek☆50Updated this week
- Kestrel Jupyter Notebook Kernel☆9Updated last year
- ☆34Updated 3 years ago
- Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted.☆13Updated 11 years ago