daverstephens / The-SOC-ShopView external linksLinks
Repository of scripts/tools that may be useful in Security Operations Centres (SOC)
☆55Nov 25, 2020Updated 5 years ago
Alternatives and similar repositories for The-SOC-Shop
Users that are interested in The-SOC-Shop are comparing it to the libraries listed below
Sorting:
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Dec 28, 2015Updated 10 years ago
- Enables dynamic translation of structured data between formats☆14Dec 14, 2018Updated 7 years ago
- ☆19Jul 24, 2021Updated 4 years ago
- Some IR notes☆73Jul 23, 2016Updated 9 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Integration between MISP platform and McAfee MVISION EDR☆14Mar 14, 2022Updated 3 years ago
- A Docker container for Moloch based on minimal Debian☆13Jun 23, 2017Updated 8 years ago
- Python libary to normalize Yara signatures☆19Oct 9, 2020Updated 5 years ago
- Website letting users query information from many different security threat intelligence APIs☆26Sep 30, 2020Updated 5 years ago
- Scripts for accessing and transforming cyber threat intelligence☆26Nov 22, 2015Updated 10 years ago
- Collection of best practices to add OSINT into MISP and/or MISP communities☆65Sep 29, 2023Updated 2 years ago
- Enrich a host with open source security information☆27Oct 4, 2015Updated 10 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- Parse a report and import the events into MISP☆30Oct 19, 2015Updated 10 years ago
- Security Operation Center Lab☆20Oct 8, 2024Updated last year
- Anti-Honeypot Demo (obsolete)☆18Jul 24, 2017Updated 8 years ago
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.☆17Feb 8, 2015Updated 11 years ago
- A tool to convert MISP XML files (events and attributes) into graphs☆20May 13, 2017Updated 8 years ago
- ☆37Feb 3, 2017Updated 9 years ago
- IOC Management and Visualization Tool☆48Dec 8, 2022Updated 3 years ago
- Feed Generator for MISP☆19Nov 2, 2022Updated 3 years ago
- A curated list of FOSS software appliances for building a SOC☆18Jan 11, 2021Updated 5 years ago
- Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…☆19Updated this week
- Grab a Twitter user timeline for further processing (storing to Elasticsearch, highligthing, etc)☆41Aug 28, 2015Updated 10 years ago
- Hakabana monitoring tool using Haka, ElastcSearch and Kibana☆20Sep 24, 2014Updated 11 years ago
- ☆20Aug 4, 2019Updated 6 years ago
- the fastest way to consume threat intelligence.☆31Mar 9, 2023Updated 2 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.☆20Oct 24, 2018Updated 7 years ago
- Web interface to IntelMQ☆10Sep 10, 2025Updated 5 months ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Mar 26, 2016Updated 9 years ago
- This repository is a curated list of pro bono incident response entities.��☆21Jun 21, 2023Updated 2 years ago
- Ops-Trust Platform - Portal☆21Aug 5, 2016Updated 9 years ago
- Public Maltego Transforms☆24May 24, 2017Updated 8 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- yara rules for cryptography detection☆30Apr 28, 2014Updated 11 years ago
- DPS' Lightweight Investigation Notebook☆433Dec 31, 2023Updated 2 years ago
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox☆11Apr 3, 2016Updated 9 years ago