ktneely / ir-scriptsLinks
Random scripts for log mining, intel gathering, network querying, and other incident response-ish activities
☆16Updated 2 years ago
Alternatives and similar repositories for ir-scripts
Users that are interested in ir-scripts are comparing it to the libraries listed below
Sorting:
- Maltego Transform to put entities into MISP events☆27Updated 3 years ago
- Threat Intelligence distribution☆30Updated 9 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 4 years ago
- CRITs IOC Visualization in Maltego☆28Updated 10 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- Extract information from MISP via the API☆15Updated 8 years ago
- Python script to pull various IOCs from PDFs☆15Updated 10 years ago
- Public Maltego Transforms☆24Updated 8 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Updated 9 years ago
- Cli interface to threatcrowd.org☆19Updated 7 years ago
- cuckoo-1.1 fork with suricata/moloch/clamav and other goodies☆23Updated 10 years ago
- A Maltego transform and machine to identify possible phishing vectors using permutated domains☆15Updated 9 years ago
- API Tools☆27Updated 9 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆44Updated 9 years ago
- Beholder is a shell script which installs and configures essentials to peer into your network activity.☆19Updated 7 years ago
- Metadata Inspection Database Alerting System☆42Updated 11 years ago
- Automation for VirusTotal☆31Updated 9 years ago
- Just another tool to extract Indicator of compromise (ioc) from files☆29Updated 9 years ago
- A tool to convert MISP XML files (events and attributes) into graphs☆20Updated 8 years ago
- Cuckoo Sandbox Local Maltego Transforms Project☆49Updated 10 years ago
- Useful scripts, rules etc. for use with YARA☆27Updated 4 years ago
- A REST API server for yara event notifications. Mapping file hashes to yara signatures in Elasticsearch for easy hash lookup or finding h…☆19Updated 10 years ago
- Some IR notes☆73Updated 8 years ago
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Updated 9 years ago
- ☆17Updated 7 years ago
- Bringing DevOps to Forensics☆34Updated 10 years ago
- Auxiliary scripts for Incident Response with ELK☆11Updated 9 years ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆14Updated 8 years ago
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.☆17Updated 10 years ago
- Basic Maltego Transforms for looking up SSL certs and IP info from censys.io☆41Updated 8 years ago