ktneely / ir-scripts
Random scripts for log mining, intel gathering, network querying, and other incident response-ish activities
☆16Updated 2 years ago
Related projects: ⓘ
- Maltego Transform to put entities into MISP events☆25Updated 3 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Updated 8 years ago
- CRITs IOC Visualization in Maltego☆27Updated 9 years ago
- Cli interface to threatcrowd.org☆19Updated 7 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆40Updated 4 years ago
- Threat Intelligence distribution☆30Updated 8 years ago
- Python script to pull various IOCs from PDFs☆15Updated 9 years ago
- Extract information from MISP via the API☆15Updated 8 years ago
- A Maltego transform and machine to identify possible phishing vectors using permutated domains☆15Updated 8 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆45Updated 8 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- Metadata Inspection Database Alerting System☆41Updated 11 years ago
- Public Maltego Transforms☆23Updated 7 years ago
- ☆11Updated this week
- ☆23Updated this week
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Updated 8 years ago
- Transforms for the AlienVault OTX service☆39Updated 7 years ago
- API Tools☆27Updated 8 years ago
- A REST API server for yara event notifications. Mapping file hashes to yara signatures in Elasticsearch for easy hash lookup or finding h…☆19Updated 9 years ago
- ARCHIVED ce1sus, a threat information database ARCHIVED☆28Updated 8 years ago
- Beholder is a shell script which installs and configures essentials to peer into your network activity.☆19Updated 7 years ago
- cuckoo-1.1 fork with suricata/moloch/clamav and other goodies☆23Updated 9 years ago
- Just another tool to extract Indicator of compromise (ioc) from files☆28Updated 8 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Updated 7 years ago
- Automation for VirusTotal☆31Updated 8 years ago
- integrating bro into yara☆32Updated 9 years ago
- Cuckoo Sandbox Local Maltego Transforms Project☆48Updated 10 years ago
- ☆11Updated this week
- It's like a polaroid, but for domains☆24Updated 9 years ago
- Bringing DevOps to Forensics☆34Updated 9 years ago