dogoncouch / siemstress
Very basic CLI SIEM (Security Information and Event Management system).
☆36Updated 6 years ago
Alternatives and similar repositories for siemstress:
Users that are interested in siemstress are comparing it to the libraries listed below
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 4 years ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆34Updated 2 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆38Updated 2 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 4 months ago
- Generic Signature Format for SIEM Systems☆14Updated 3 years ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 6 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Updated 5 years ago
- The Fastest way to consume Threat Intel☆25Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 3 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆24Updated 8 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- List CVEs and details that apply to your infrastructure (pre-inventoried).☆10Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Modular command-line threat hunting tool & framework.☆17Updated 4 years ago
- A SIEM inspired by HECTOR, built on Django.☆28Updated 5 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 3 years ago
- Check IOC provided by a MISP instance on Suricata events☆17Updated 5 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- ☆21Updated 3 years ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Updated 5 years ago
- ☆18Updated 3 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- Using QRadar API☆20Updated 7 years ago
- incident response scripts☆19Updated 6 years ago
- For storing of the volumes☆4Updated 5 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated 2 years ago