doksu / TA-asngen

Related projects ⓘ

Alternatives and complementary repositories for TA-asngen

• rkovar / splunk-hunting-helpers
  ☆55Updated 2 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 7 years ago
• carbonblack / cbfeeds
  Carbon Black Feeds
  ☆70Updated last year
• maurermj08 / efetch
  Evidence Fetcher (efetch) is a web-based file explorer, viewer, and analyzer.
  ☆37Updated 4 years ago
• hire-vladimir / SA-NetOps
  Allows for MAC address to vendor mapping in Splunk
  ☆16Updated last year
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 2 years ago
• MattUebel / splunk_UF_hardening
  scripts to configure the Splunk Universal Forwarder in a locked down state
  ☆40Updated 5 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 5 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆18Updated 9 months ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆109Updated 2 weeks ago
• n3l5 / irFARTpull
  PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.
  ☆50Updated 6 years ago
• exp0se / bro-intel-generator
  Script for generating Bro intel files from pdf or html reports
  ☆75Updated 8 years ago
• MHaggis / sysmon-splunk-app
  Sysmon Splunk App
  ☆46Updated 6 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆17Updated 11 years ago
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated last month
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated last year
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• pstirparo / utils
  Different DFIR and CTI utilities
  ☆36Updated 4 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• coolacid / logstash-filter-virustotal
  Virustotal Lookup filter for Logstash
  ☆16Updated 7 years ago
• ciscocsirt / netsarlacc
  ☆38Updated 6 years ago
• pun1sh3r / iocminion
  Just another tool to extract Indicator of compromise (ioc) from files
  ☆28Updated 9 years ago
• aboutsecurity / Bro-samples
  Network Forensics Bro scripts & pcap samples
  ☆62Updated 10 years ago
• hosom / bro-otx
  Integrate Zeek with Alienvault OTX
  ☆24Updated 4 years ago