MISP to Microsoft Defender integration
☆17Feb 24, 2026Updated 3 months ago
Alternatives and similar repositories for misp2defender
Users that are interested in misp2defender are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 7 months ago
- KQL for Azure Resource Manager and AppID search☆23Aug 15, 2024Updated last year
- MAES: M365 Analyzer & Extractor Suite Po☆36May 4, 2026Updated 3 weeks ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆29Sep 29, 2025Updated 7 months ago
- A web application for generating, parsing and validating, manipulating, visualizing and executing CACAO v2.0 playbooks.☆40Aug 27, 2025Updated 8 months ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Outil de triage automatisé de différents types de collectes d'artefacts.☆18Dec 8, 2025Updated 5 months ago
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆18May 1, 2024Updated 2 years ago
- ☆16Jun 5, 2024Updated last year
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It…☆14Jul 20, 2025Updated 10 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suric…☆48May 13, 2026Updated last week
- ☆99Apr 3, 2026Updated last month
- ☆39May 9, 2026Updated 2 weeks ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆18Dec 29, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- IOC/Hash scanner and IDS layer 4 designed to be portable and fast☆27Jan 28, 2026Updated 3 months ago
- ☆12Oct 9, 2022Updated 3 years ago
- A 30-day hands-on SOC Analyst project simulating real-world cyber attacks using ELK Stack, Mythic C2, osTicket & Elastic Defend. Covers t…☆43Jun 10, 2025Updated 11 months ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated 3 months ago
- MISP to Sentinel integration☆80May 17, 2026Updated last week
- EVerest demo: Dockerized demo with software in the loop simulation☆31Dec 17, 2025Updated 5 months ago
- service to convert nfcapd files clickhouse as they are created☆10Mar 22, 2025Updated last year
- Block ads and malicious domains with response policy zones☆12Jun 10, 2020Updated 5 years ago
- MuonFP is an enterprise ready, TCP passive fingerprinter written in Rust that has no external dependencies such as WireShark or other ope…☆32Mar 27, 2026Updated last month
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆195Feb 20, 2026Updated 3 months ago
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, po…☆57Feb 14, 2026Updated 3 months ago
- A collection of Script for Red Team & Incidence Response☆11Jun 30, 2022Updated 3 years ago
- A curated list of FOSS software appliances for building a SOC☆18Jan 11, 2021Updated 5 years ago
- Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations☆17Aug 30, 2025Updated 8 months ago
- Security Operation Center Lab☆21Oct 8, 2024Updated last year
- IP address filter by City☆12Jan 17, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆54Jan 28, 2026Updated 3 months ago
- command line tool to use the DNSDB Flexible Search API extensions.☆16Aug 5, 2024Updated last year
- A preconfigured Velociraptor triage collector☆77May 4, 2026Updated 3 weeks ago
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆12Aug 14, 2025Updated 9 months ago
- This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, l…☆53Apr 5, 2025Updated last year
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- AI-powered phishing & threat-analysis platform to automatically inspect, classify, and report suspicious emails, files, URLs, IPs, and ha…☆83Updated this week