jorritfolmer / TA-dmarcLinks
Add-on for ingesting DMARC aggregate reports into Splunk
☆15Updated 2 years ago
Alternatives and similar repositories for TA-dmarc
Users that are interested in TA-dmarc are comparing it to the libraries listed below
Sorting:
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- ☆55Updated 3 years ago
- Carbon Black Feeds☆73Updated 2 years ago
- ☆14Updated 9 years ago
- Splunk app for visualization of DMARC RUA mails☆14Updated last year
- Splunk csv to KVStore ES Threat Intel☆11Updated 9 years ago
- Sunburst IOCs for Splunk Ingest☆18Updated 4 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Expert Investigation Guides☆50Updated 4 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆45Updated 3 years ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Sysmon Splunk App☆47Updated 7 years ago
- A Splunk app to use MISP in background☆111Updated last month
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆13Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆112Updated 5 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- MineMeld nodes for MISP☆19Updated last year
- ☆49Updated 5 years ago
- ☆133Updated last year
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- Volatility plugins developed and maintained by the community☆21Updated 11 months ago
- ☆55Updated 4 years ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- CB API scripts for IR, administration, etc.☆32Updated 6 years ago
- A free incident response management and documentation workbook☆25Updated 6 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- Office365 Log Analysis Framework☆81Updated 6 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 4 years ago