dogoncouch / siemstress

Related projects: ⓘ

• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆46Updated last year
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 2 years ago
• PolitoInc / ELK-Hunting
  Threat Hunting with ELK Workshop (InfoSecWorld 2017)
  ☆64Updated 6 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆26Updated 4 years ago
• Cyb3rWard0g / presentations
  Presentation Slides and Video links
  ☆31Updated 2 years ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆30Updated 5 years ago
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆37Updated 2 years ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 4 years ago
• eCrimeLabs / phish2MISP
  Easy way to create a MISP event related to a Phishing page
  ☆17Updated last year
• stahler / QRadar
  Using QRadar API
  ☆20Updated 6 years ago
• sans-blue-team / sec455-wiki
  ☆28Updated 5 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 5 years ago
• CanTopay / thehive-playbook-creator
  A script to create and assign SOP tasks into the cases
  ☆18Updated 4 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 2 years ago
• MISP / threat-actor-intelligence-server
  A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…
  ☆47Updated 9 months ago
• Neo23x0 / atomic-threat-coverage
  Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• Loginsoft-Research / detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆49Updated 2 years ago
• weslambert / securityonion-strelka
  ☆12Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• TonyPhipps / Elasticstack
  FIles and guides related to using Elasticstack as a SIEM
  ☆12Updated 4 years ago
• SMAPPER / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆16Updated 7 years ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆83Updated last year
• jalewis / actortrackr
  Home to the ActorTrackr source code
  ☆27Updated 7 years ago
• shr3ddersec / ThreatHunting
  Reference sheet for Threat Hunting Professional Course
  ☆24Updated 5 years ago
• sk4la / plast
  Modular command-line threat hunting tool & framework.
  ☆16Updated 4 years ago
• caschnee / misp-use-cases
  ☆14Updated 6 years ago
• securitydistractions / elastimispstash
  ☆29Updated 3 years ago