MISP to Microsoft Defender integration
☆17Feb 24, 2026Updated last month
Alternatives and similar repositories for misp2defender
Users that are interested in misp2defender are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 5 months ago
- KQL for Azure Resource Manager and AppID search☆23Aug 15, 2024Updated last year
- MAES: M365 Analyzer & Extractor Suite Po☆33Feb 14, 2026Updated last month
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆29Sep 29, 2025Updated 5 months ago
- A web application for generating, parsing and validating, manipulating, visualizing and executing CACAO v2.0 playbooks.☆39Aug 27, 2025Updated 6 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Outil de triage automatisé de différents types de collectes d'artefacts.☆18Dec 8, 2025Updated 3 months ago
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆18May 1, 2024Updated last year
- ☆16Jun 5, 2024Updated last year
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It…☆14Jul 20, 2025Updated 8 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suric…☆42Updated this week
- ☆100Oct 22, 2025Updated 5 months ago
- ☆39Sep 10, 2025Updated 6 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆17Dec 29, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- IOC/Hash scanner and IDS layer 4 designed to be portable and fast☆27Jan 28, 2026Updated last month
- ☆12Oct 9, 2022Updated 3 years ago
- A 30-day hands-on SOC Analyst project simulating real-world cyber attacks using ELK Stack, Mythic C2, osTicket & Elastic Defend. Covers t…☆41Jun 10, 2025Updated 9 months ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated last month
- MISP to Sentinel integration☆79Feb 6, 2026Updated last month
- EVerest demo: Dockerized demo with software in the loop simulation☆29Dec 17, 2025Updated 3 months ago
- service to convert nfcapd files clickhouse as they are created☆10Mar 22, 2025Updated last year
- Block ads and malicious domains with response policy zones☆12Jun 10, 2020Updated 5 years ago
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, po…☆47Feb 14, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- MuonFP is an enterprise ready, TCP passive fingerprinter written in Rust that has no external dependencies such as WireShark or other ope…☆29Dec 12, 2025Updated 3 months ago
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆193Feb 20, 2026Updated last month
- A collection of Script for Red Team & Incidence Response☆11Jun 30, 2022Updated 3 years ago
- Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations☆17Aug 30, 2025Updated 6 months ago
- A curated list of FOSS software appliances for building a SOC☆18Jan 11, 2021Updated 5 years ago
- Security Operation Center Lab☆20Oct 8, 2024Updated last year
- IP address filter by City☆12Jan 17, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- 《動手學深度學習》面向中文讀者、能運行、可討論。中英文版被55個國家的300所大學用於教學。☆33Jul 18, 2024Updated last year
- A preconfigured Velociraptor triage collector☆76Mar 2, 2026Updated 3 weeks ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆47Jan 28, 2026Updated last month
- command line tool to use the DNSDB Flexible Search API extensions.☆16Aug 5, 2024Updated last year
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆12Aug 14, 2025Updated 7 months ago
- This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, l…☆52Apr 5, 2025Updated 11 months ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year