MISP to Microsoft Defender integration
☆17Feb 24, 2026Updated 3 months ago
Alternatives and similar repositories for misp2defender
Users that are interested in misp2defender are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 7 months ago
- KQL for Azure Resource Manager and AppID search☆23Aug 15, 2024Updated last year
- MAES: M365 Analyzer & Extractor Suite Po☆36May 4, 2026Updated last month
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆29Sep 29, 2025Updated 8 months ago
- A web application for generating, parsing and validating, manipulating, visualizing and executing CACAO v2.0 playbooks.☆41Jun 6, 2026Updated last week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Outil de triage automatisé de différents types de collectes d'artefacts.☆18Dec 8, 2025Updated 6 months ago
- ☆16Jun 5, 2024Updated 2 years ago
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆18May 1, 2024Updated 2 years ago
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It…☆14Jul 20, 2025Updated 10 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suric…☆50Updated this week
- ☆99Apr 3, 2026Updated 2 months ago
- ☆39May 9, 2026Updated last month
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆18Dec 29, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- IOC/Hash scanner and IDS layer 4 designed to be portable and fast☆27Jan 28, 2026Updated 4 months ago
- ☆12Oct 9, 2022Updated 3 years ago
- A 30-day hands-on SOC Analyst project simulating real-world cyber attacks using ELK Stack, Mythic C2, osTicket & Elastic Defend. Covers t…☆44Jun 10, 2025Updated last year
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated 4 months ago
- A Compiler from Sigma rules to VQL☆19May 18, 2026Updated 3 weeks ago
- MISP to Sentinel integration☆81May 18, 2026Updated 3 weeks ago
- EVerest demo: Dockerized demo with software in the loop simulation☆31Dec 17, 2025Updated 5 months ago
- service to convert nfcapd files clickhouse as they are created☆10Mar 22, 2025Updated last year
- Block ads and malicious domains with response policy zones☆12Jun 10, 2020Updated 6 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- MuonFP is an enterprise ready, TCP passive fingerprinter written in Rust that has no external dependencies such as WireShark or other ope…☆32Mar 27, 2026Updated 2 months ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆195Feb 20, 2026Updated 3 months ago
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, po…☆59Feb 14, 2026Updated 4 months ago
- A collection of Script for Red Team & Incidence Response☆11Jun 30, 2022Updated 3 years ago
- A curated list of FOSS software appliances for building a SOC☆18Jan 11, 2021Updated 5 years ago
- Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations☆17Aug 30, 2025Updated 9 months ago
- An modular asset discovery framework written in python to automate the repeating manual work☆68May 30, 2026Updated 2 weeks ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Security Operation Center Lab☆21Oct 8, 2024Updated last year
- IP address filter by City☆12Jan 17, 2025Updated last year
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆55Jan 28, 2026Updated 4 months ago
- command line tool to use the DNSDB Flexible Search API extensions.☆16Aug 5, 2024Updated last year
- A preconfigured Velociraptor triage collector☆77Jun 4, 2026Updated last week
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆12Aug 14, 2025Updated 10 months ago
- This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, l…☆54Apr 5, 2025Updated last year