jtschichold / panwdbl
Simple block lists hub for PAN-OS DBL feature
☆35Updated 6 years ago
Alternatives and similar repositories for panwdbl:
Users that are interested in panwdbl are comparing it to the libraries listed below
- Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …☆77Updated 7 years ago
- ☆38Updated 6 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- Scripts for Bro IDS and ELK Stack☆56Updated 9 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- ☆48Updated 4 years ago
- Dashboards and loader for ROCK NSM dashboards☆48Updated 2 years ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Updated 11 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch☆61Updated 8 years ago
- Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases☆153Updated last year
- Virustotal Lookup filter for Logstash☆16Updated 7 years ago
- MineMeld nodes for MISP☆19Updated last year
- Bro-IDS scripts☆50Updated 8 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- Sysmon configuration file template with default high-quality event tracing☆17Updated 3 years ago
- Basic Anomaly IDS capabilities with Python and Bro☆105Updated 7 years ago
- Sysmon configuration☆66Updated 6 years ago
- Files from my Storm Center Articles☆17Updated last year
- setup zeek, previously Bro IDS☆18Updated 3 months ago
- Traceroute improved wrapper for CSIRT and CERT operators☆37Updated 5 months ago
- ☆140Updated 9 months ago
- Parse URLCrazy and dnstwist output and compare against previous runs to identify new typosquatted domains.☆51Updated 9 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Use OpenDNS's investigate API to find newly observed domains which match a brand or string☆17Updated 8 years ago
- Utilities and scripts for bro-ids☆22Updated 11 years ago
- This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.☆47Updated 11 years ago
- Security Onion Elastic Stack☆46Updated 4 years ago
- brocon-15 scripts☆13Updated 7 years ago