kevinperlow / SANS-DFIR-2017
☆20 Updated 7 years ago
Alternatives and similar repositories for SANS-DFIR-2017
Users that are interested in SANS-DFIR-2017 are comparing it to the libraries listed below
- Cowrie Honeypot Obscurer ☆17 Updated 4 years ago
- Combining OSINT sources in Elastic Stack ☆80 Updated 4 years ago
- Small App for reading from MHN's hpfeeds broker and writing splunk logs ☆10 Updated 5 years ago
- Transforms for the AlienVault OTX service ☆39 Updated 8 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. ☆69 Updated last year
- Imports Alienvault OTX pulses to a MISP instance ☆52 Updated 3 years ago
- A bunch of scripts I use to work with urlscan.io ☆34 Updated 5 years ago
- Cyber Threat Intelligence Feeds ☆67 Updated last year
- Triage automation for suspect URLs ☆13 Updated 5 years ago
- Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also chec… ☆9 Updated 2 years ago
- Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s… ☆19 Updated 3 months ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs). ☆17 Updated 6 years ago
- ☆29 Updated 4 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o… ☆35 Updated 6 years ago
- Parse URLCrazy and dnstwist output and compare against previous runs to identify new typosquatted domains. ☆51 Updated 9 years ago
- Build your own threat hunting maturity model ☆11 Updated 7 years ago
- Universal Honey Pot ☆29 Updated 2 years ago
- The Fastest way to consume Threat Intel ☆25 Updated 3 years ago
- Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format. ☆81 Updated 2 months ago
- Maltego entity pack encompassing the entire STIX 1.2 data model and a targeted subset of the CybOX 2.1 data model ☆10 Updated 9 years ago
- Home to the ActorTrackr source code ☆29 Updated 7 years ago
- API wrapper for Maltiverse ☆18 Updated 8 months ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox ☆45 Updated 6 years ago
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space . ☆62 Updated last year
- Honeypot log processor to create OTX Pulse entries ☆28 Updated last year
- ☆22 Updated 7 years ago
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK. ☆22 Updated 6 years ago
- Home to the ActorTrackr source code ☆24 Updated 7 years ago
- The Intelligent Honey Net Project attempts to create actionable information from honeypots ☆62 Updated 9 years ago
- Normalizer for honeypot data. ☆11 Updated last year