ArcSight's Common Event Format library
☆39Nov 3, 2023Updated 2 years ago
Alternatives and similar repositories for cefevent
Users that are interested in cefevent are comparing it to the libraries listed below
Sorting:
- Microfocus ArcSight FlexConnector for Microsoft Sysmon tool☆19Jan 14, 2021Updated 5 years ago
- Carbon Black - LastLine Binary Detonation Connector☆11May 22, 2023Updated 2 years ago
- Stream Lookup function for GrayLog2 Pipeline Processor☆14Oct 1, 2021Updated 4 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.☆18Sep 10, 2023Updated 2 years ago
- Binarly SDK v1☆14Dec 18, 2016Updated 9 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆17Sep 30, 2016Updated 9 years ago
- Python API bindings for FireEye Products☆13Feb 17, 2021Updated 5 years ago
- An open source virus scan aggregation framework.☆25Apr 25, 2014Updated 11 years ago
- threat language parser☆59Apr 20, 2015Updated 10 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Jul 13, 2018Updated 7 years ago
- Find Unicode (including Internationalized) domain squats. https://xntwist.hightower.space/☆21Dec 26, 2022Updated 3 years ago
- ☆22Sep 16, 2025Updated 5 months ago
- IoC's, PCRE's, YARA's etc☆23Mar 25, 2025Updated 11 months ago
- Implementation of Context-Graph algorithms for graph enrichment and querying.☆24Jul 24, 2015Updated 10 years ago
- Yara rules for detecting malware☆23Sep 9, 2025Updated 5 months ago
- Windows Event Forwarding for Active Directory Security Logs☆29Jun 28, 2016Updated 9 years ago
- ☆23Jul 7, 2023Updated 2 years ago
- Parse Yara rules and operate over them more easily.☆51Jan 7, 2019Updated 7 years ago
- Yaras Random☆24Feb 21, 2019Updated 7 years ago
- Python library for the ArcSight logger REST API☆27Sep 30, 2021Updated 4 years ago
- Python PCAP Examiner☆25May 14, 2021Updated 4 years ago
- Malice Yara Plugin☆30Sep 8, 2019Updated 6 years ago
- An ICAP Server with yara scanner for URL and content.☆58Dec 19, 2024Updated last year
- Analysis Correlation Engine☆26Sep 8, 2019Updated 6 years ago
- swffile.py - SWF file parser module in Python☆28Apr 4, 2016Updated 9 years ago
- Unification of dnstwist + SQLite + Email reporting. Set it as a cron job that runs every hour, give it a list of domains and email addres…☆66Mar 6, 2018Updated 7 years ago
- A Cribl API wrapper written for Python. Import it into your application to do Cribl things!☆12Mar 20, 2024Updated last year
- ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a se…☆70Mar 9, 2015Updated 10 years ago
- Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.☆85Dec 5, 2023Updated 2 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆35Jul 8, 2019Updated 6 years ago
- Command-line Interface for Binar.ly☆39Jan 13, 2017Updated 9 years ago
- Suricata Extreme Performance Tuning guide☆213Mar 15, 2018Updated 7 years ago
- PowerShell Menu System and Additional Toolkit Features☆12Oct 15, 2023Updated 2 years ago
- A fork of FindMySync - A macOS utility (compatible with Sequoia and Tahoe) to decrypt the local Find My cache and post device locations t…☆21Updated this week
- Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centra…☆35Feb 1, 2022Updated 4 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Jan 11, 2022Updated 4 years ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 5 months ago
- Fuzzy Hash calculated from import API of PE files☆90Aug 26, 2022Updated 3 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Jan 20, 2017Updated 9 years ago