daveherrald/scansio-sonar-splunk

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/daveherrald/scansio-sonar-splunk)

daveherrald / scansio-sonar-splunk

Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and security operations.

☆19

Alternatives and similar repositories for scansio-sonar-splunk

Users that are interested in scansio-sonar-splunk are comparing it to the libraries listed below

Sorting:

timfrazier1 / ART_Phantom
View on GitHub
Atomic Red Team App for Phantom
☆16Jul 7, 2020Updated 5 years ago
josehelps / blackcert
View on GitHub
Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also chec…
☆10Dec 8, 2022Updated 3 years ago
daveherrald / TA-cyberchef
View on GitHub
A set of Splunk workflow action definitions to export field values to CyberChef for further analysis.
☆13Jan 22, 2018Updated 8 years ago
blockadeio / cloud_node
View on GitHub
Python-based cloud node for local use
☆11Mar 7, 2018Updated 7 years ago
CIRCL / bgpranking-redis-api
View on GitHub
API to access the Redis database of a BGP Ranking instance.
☆17Dec 11, 2017Updated 8 years ago
jay-johnson / spylunking
View on GitHub
Drill down into your python logs using JSON logs stored in Splunk - supports sending over TCP or the Splunk HEC REST API handlers (using …
☆13Oct 18, 2022Updated 3 years ago
tmartin14 / splunk-sample-data
View on GitHub
A place to store sample data files for Splunk
☆15Aug 3, 2018Updated 7 years ago
pawan-regoti / Insight-IDR-LEQL-Cheat-Sheet
View on GitHub
Comprehensive Cheat Sheet for Rapid7's Insight-IDR LEQL Search Language.
☆11Mar 18, 2024Updated last year
jorritfolmer / TA-dmarc
View on GitHub
Add-on for ingesting DMARC aggregate reports into Splunk
☆15Dec 5, 2022Updated 3 years ago
gamelinux / activedns
View on GitHub
An active domain name query tool to help keep track of domain name movements...
☆16Mar 28, 2021Updated 4 years ago
my2ndhead / TA-microsoft-windows
View on GitHub
☆14Jul 8, 2016Updated 9 years ago
mpars0ns / scansio-sonar-es
View on GitHub
Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching
☆33May 14, 2016Updated 9 years ago
egaus / malicious_url_analysis
View on GitHub
☆18Jun 8, 2018Updated 7 years ago
passivetotal / maltego_machines
View on GitHub
Machines created to speed up analysis inside of Maltego
☆16Mar 17, 2016Updated 9 years ago
apger / SA-RBA
View on GitHub
Risk Based Alerting Supporting Add-On (SA) for Splunk
☆44Oct 28, 2021Updated 4 years ago
Neo23x0 / space-id
View on GitHub
Invisible Watermarks with Space Characters in ASCII Files
☆21Jun 14, 2018Updated 7 years ago
daveherrald / SA-attck_nav
View on GitHub
Splunk App for MITRE Att&CK Navigator(TM)
☆23Mar 25, 2021Updated 4 years ago
brianwarehime / goldphish
View on GitHub
A Maltego transform and machine to identify possible phishing vectors using permutated domains
☆15Oct 14, 2015Updated 10 years ago
karttoon / iocs
View on GitHub
IoC's, PCRE's, YARA's etc
☆23Mar 25, 2025Updated 11 months ago
Fallenour / Venator
View on GitHub
Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…
☆22Jun 6, 2017Updated 8 years ago
anl-cyberscience / LQMToolset
View on GitHub
Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.
☆20Oct 24, 2018Updated 7 years ago
nccgroup / yaml2yara
View on GitHub
Generate bulk YARA rules from YAML input
☆22Feb 3, 2020Updated 6 years ago
S03D4-164 / Hiryu
View on GitHub
IOC Management and Visualization Tool
☆48Dec 8, 2022Updated 3 years ago
rkovar / splunk-hunting-helpers
View on GitHub
☆55Mar 2, 2022Updated 4 years ago
anthonykasza / snapshooter
View on GitHub
It's like a polaroid, but for domains
☆24Feb 6, 2015Updated 11 years ago
daverstephens / The-SOC-Shop
View on GitHub
Repository of scripts/tools that may be useful in Security Operations Centres (SOC)
☆56Nov 25, 2020Updated 5 years ago
MHaggis / bookish-happiness
View on GitHub
OG Atomic Red Team
☆29Jun 12, 2018Updated 7 years ago
CIRCL / PyEUPI
View on GitHub
Client API to query the Phishing Initiative service API
☆24Jan 8, 2026Updated last month
CIRCL / traceroute-circl
View on GitHub
Traceroute improved wrapper for CSIRT and CERT operators
☆40Oct 9, 2024Updated last year
znb / Elastic-Elephant
View on GitHub
Fun with Amazon AWS and Maltego
☆29Jun 5, 2017Updated 8 years ago
ioc-fang / ioc-fanger
View on GitHub
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
☆68Oct 2, 2023Updated 2 years ago
ThreatConnect-Inc / threatconnect-playbooks
View on GitHub
Community driven repository of Playbooks and Apps for ThreatConnect.
☆74Nov 5, 2025Updated 4 months ago
hire-vladimir / SA-IdentityAssetExtraction
View on GitHub
Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources
☆28Feb 23, 2018Updated 8 years ago
JacobPimental / gunslinger
View on GitHub
Gunslinger is used to hunt for Magecart sites using URLScan's API
☆31Mar 15, 2022Updated 3 years ago
lolnate / vt-hunter
View on GitHub
Automation for VirusTotal
☆31May 6, 2016Updated 9 years ago
TheHive-Project / Synapse
View on GitHub
Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
☆71Jul 28, 2023Updated 2 years ago
mhassan2 / splunk-n-box
View on GitHub
Docker Splunk "Orchestration" bash script (6,000+ lines) to create fully automated pre-configured splunk site-2-site clusters or stand al…
☆139Feb 29, 2020Updated 6 years ago
mattnovitsch / MECM
View on GitHub
☆12Jun 9, 2021Updated 4 years ago
eugene-taylashev / risk_management
View on GitHub
IT Risk Management tools
☆14Apr 4, 2025Updated 11 months ago