elastic / geneveLinks
☆13Updated this week
Alternatives and similar repositories for geneve
Users that are interested in geneve are comparing it to the libraries listed below
Sorting:
- OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON☆51Updated last year
- A Python library to help with some common threat hunting data analysis operations☆143Updated 2 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 2 months ago
- STIX2 graph visualisation library in JS☆90Updated 2 months ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python☆116Updated last year
- OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices☆55Updated last month
- A Python implementation of the Community ID flow hashing standard☆23Updated last year
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- A python package for use in generating fake data for SOC and security automation.☆170Updated 5 months ago
- TAXII client implementation from EclecticIQ☆101Updated 3 years ago
- Definition, description and relationship types of MISP objects☆100Updated last month
- ☆38Updated 9 months ago
- misp-cloud - Cloud-ready images of MISP☆73Updated 3 years ago
- ☆28Updated 4 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- Translate STIX 2 Patterning Queries☆31Updated 6 years ago
- A Python library for handling TAXII Messages invoking TAXII Services.☆71Updated 4 years ago
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…☆41Updated 6 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 3 years ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆83Updated last year
- Specifications used in the MISP project including MISP core format☆51Updated last month
- Zeek support for Community ID flow hashing.☆36Updated 2 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 4 years ago
- Best practices in threat intelligence☆48Updated 2 years ago
- A utility repo to assist with converting between MISP and STIX formats☆69Updated 4 years ago
- Swagger/ OpenAPI specifications for security products and services☆78Updated 3 weeks ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆23Updated 6 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 5 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago