kotlaluk / spl-parser

Related projects: ⓘ

• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆15Updated 3 months ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• Loginsoft-Research / detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆49Updated 2 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆54Updated 2 years ago
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆20Updated 9 months ago
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆41Updated 5 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆17Updated 4 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• splunk / security_content_docs
  Contains research.splunk.com site code
  ☆10Updated 5 months ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆28Updated 2 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆32Updated last year
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆122Updated 3 weeks ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆12Updated 7 months ago
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 3 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Updated 3 weeks ago
• swimlane / pyattck-data
  This repository contains generated contextual data utilized by pyattck.
  ☆17Updated 2 months ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆45Updated 2 months ago
• mitre / caret
  CARET - A tool for viewing cyber analytic relationships
  ☆51Updated 4 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆14Updated 3 years ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆57Updated 3 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• Xyrodileas / misp-k8s
  Automated deployment of MISP and MISP-Dashboard via K8S and AWS
  ☆18Updated 4 years ago
• NextronSystems / simplesyslog
  Simple SYSLOG client in Go
  ☆21Updated 3 months ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated 11 months ago
• XDR-Alliance / Common-Information-Model
  ☆11Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆20Updated last year
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆22Updated last year
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 3 years ago