dogoncouch / siemstress
Very basic CLI SIEM (Security Information and Event Management system).
☆34Updated 6 years ago
Related projects: ⓘ
- Best practices in threat intelligence☆46Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆32Updated 2 years ago
- The Fastest way to consume Threat Intel☆25Updated 2 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆64Updated 6 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- ☆33Updated 3 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Updated 4 years ago
- Presentation Slides and Video links☆31Updated 2 years ago
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆37Updated 2 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- Using QRadar API☆20Updated 6 years ago
- ☆28Updated 5 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- Generic Signature Format for SIEM Systems☆14Updated 2 years ago
- A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…☆47Updated 9 months ago
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- ☆12Updated 4 years ago
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 4 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆16Updated 7 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆83Updated last year
- Home to the ActorTrackr source code☆27Updated 7 years ago
- Reference sheet for Threat Hunting Professional Course☆24Updated 5 years ago
- Modular command-line threat hunting tool & framework.☆16Updated 4 years ago
- ☆14Updated 6 years ago
- ☆29Updated 3 years ago