kotlaluk / spl-parser

Related projects ⓘ

Alternatives and complementary repositories for spl-parser

• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated 10 months ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• target / strelka-ui
  Strelka Web UI for File Submission and Analysis
  ☆57Updated 3 months ago
• grapl-security / grapl-analyzers
  Hosted analyzers built for Grapl
  ☆13Updated last year
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆15Updated 5 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 weeks ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆34Updated last year
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 6 years ago
• splunk / security_content_docs
  Contains research.splunk.com site code
  ☆10Updated 7 months ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 2 months ago
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆21Updated last week
• murchisd / splunk_pstree_app
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆23Updated last year
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 4 years ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆54Updated 2 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆51Updated 4 months ago
• SimoneCagol / sigma-rules-crawler
  ☆29Updated this week
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆123Updated 2 months ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• Prelude-SIEM / prelude-correlator
  The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository
  ☆10Updated 3 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• Kirtar22 / ATTACK-Threat_Intel
  Graph Representation of MITRE ATT&CK's CTI data
  ☆48Updated 5 years ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆15Updated 2 years ago
• chronicle / api-samples-python
  Python samples and utilities for Chronicle APIs
  ☆77Updated this week
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆27Updated 8 months ago
• JHUAPL / Low-Regret-Methodology
  ☆27Updated 3 years ago