kotlaluk / spl-parser
Parser for Splunk's Search Processing Language (SPL) syntax highlighting
☆16 · Updated 4 years ago
Related projects:
- Firepit - STIX Columnar Storage (☆15 · Updated 3 months ago)
- A Zeek package that detects Zoom logins and meeting joins (☆11 · Updated 4 years ago)
- Threat Detection & Anomaly Detection rules for popular open-source components (☆49 · Updated 2 years ago)
- OSSEM Common Data Model (☆54 · Updated 2 years ago)
- pySigma Cookiecutter backend template (☆20 · Updated 9 months ago)
- Bluehat 2018 Graphs for Security Workshop (☆41 · Updated 5 years ago)
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… (☆17 · Updated 4 years ago)
- (no description) (☆33 · Updated 3 years ago)
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (☆32 · Updated 2 years ago)
- Contains research.splunk.com site code (☆10 · Updated 5 months ago)
- Zeek package for tracking long connections to report them before they have completed. (☆28 · Updated 2 years ago)
- Zeek support for Community ID flow hashing. (☆32 · Updated last year)
- Cisco Orbital - Osquery queries by Talos (☆122 · Updated 3 weeks ago)
- Threat Detection Rules (Snort/Sigma/Yara) (☆12 · Updated 7 months ago)
- Plugin for Zeek/Bro which provides an HTTP/2 decoder/analyzer (☆30 · Updated 3 months ago)
- Mapping Corelight or Zeek data to Elastic Common Schema fields (☆33 · Updated 3 weeks ago)
- This repository contains generated contextual data utilized by pyattck. (☆17 · Updated 2 months ago)
- Specifications used in the MISP project including MISP core format (☆45 · Updated 2 months ago)
- CARET - A tool for viewing cyber analytic relationships (☆51 · Updated 4 years ago)
- CyCAT.org taxonomies (☆14 · Updated 3 years ago)
- (no description) (☆20 · Updated 4 years ago)
- Collection of Dashboards for Threat Hunting and more! (☆57 · Updated 3 years ago)
- CyCAT.org API back-end server including crawlers (☆30 · Updated last year)
- Automated deployment of MISP and MISP-Dashboard via K8S and AWS (☆18 · Updated 4 years ago)
- Simple SYSLOG client in Go (☆21 · Updated 3 months ago)
- Kestrel Jupyter Notebook Kernel (☆9 · Updated 11 months ago)
- (no description) (☆11 · Updated 2 years ago)
- Workflows for Shuffle (☆20 · Updated last year)
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1) (☆22 · Updated last year)
- Web app that provides basic navigation and annotation of ATT&CK matrices (☆16 · Updated 3 years ago)