kazuminn / vulsbeat
Vuls Beater for Elasticsearch - connecting vuls
☆17Updated 3 years ago
Related projects: ⓘ
- Collect autorun records from running system☆59Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 3 years ago
- ☆15Updated 6 years ago
- Various blog post projects.☆10Updated 2 months ago
- Golang based web service to scan files with yara rules☆26Updated 7 years ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆21Updated last year
- ☆12Updated 4 years ago
- Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model☆12Updated 3 years ago
- Download a Bunch of Malware for Demos and Testing☆13Updated 5 years ago
- A Spicy protocol analyzer for WireGuard☆27Updated 4 years ago
- A DFIR tool to collect artifacts on macOS☆53Updated 4 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆17Updated 4 years ago
- Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs.☆8Updated 5 years ago
- ☆16Updated this week
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- Simple SYSLOG client in Go☆21Updated 3 months ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆28Updated 6 years ago
- Carving tool based in Radare2 & Yara☆16Updated 5 years ago
- Osquery Packs we use for customer security hardening☆12Updated 6 months ago
- TITO is a light framework for operationalizing threat intelligence that is platform and data agnostic.☆20Updated 4 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Updated 3 years ago
- Setting up a training environment for MISP☆11Updated last year
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab☆37Updated 4 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆37Updated 2 years ago
- Example Suricata rules implementing some of my detection tactics☆20Updated last year
- ☆33Updated 3 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets☆31Updated 3 months ago