My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequency, ...). Output: alert created by filter sig, feed FIR (CERT SG)
☆10 · Jul 26, 2019 · Updated 6 years ago
Alternatives and similar repositories for logstash-plugins
Users that are interested in logstash-plugins are comparing it to the libraries listed below
- certstream + analytics ☆11 · Jan 17, 2020 · Updated 6 years ago
- Real-time Packet Observation Tool ☆39 · Sep 26, 2023 · Updated 2 years ago
- Python script to automatically create sigma rules from TheHive observables ☆25 · Mar 17, 2019 · Updated 7 years ago
- Hakabana monitoring tool using Haka, Elasticsearch and Kibana ☆20 · Sep 24, 2014 · Updated 11 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security. ☆18 · Jun 15, 2021 · Updated 4 years ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto… ☆10 · Mar 2, 2021 · Updated 5 years ago
- MISP Workbench ☆28 · Oct 19, 2016 · Updated 9 years ago
- Some C code I wrote while learning the Lua C API ☆11 · May 16, 2024 · Updated last year
- A collection of Cortex Analyzers and Responders for TheHive/Cortex ☆13 · Jan 29, 2020 · Updated 6 years ago
- A repo of Java examples using Apache Flink with flink-connector-kafka ☆10 · Mar 10, 2026 · Updated last week
- In-depth analysis of files (doc, pdf, exe, ...), including embedded files, with clamscan and yara rules ☆51 · Sep 6, 2023 · Updated 2 years ago
- An Erlang linked-in driver that allows embedding Lua into the Erlang VM ☆38 · Oct 16, 2012 · Updated 13 years ago
- CLI tool for testing Office documents with macros using MaliciousMacroBot ☆12 · Dec 3, 2023 · Updated 2 years ago
- A dataset of phishing kits in the wild ☆15 · Jun 1, 2024 · Updated last year
- Host and network monitoring suite written in Erlang ☆22 · Mar 25, 2010 · Updated 15 years ago
- Minimalistic WebUI for passiveDNS tool ☆18 · May 6, 2021 · Updated 4 years ago
- nfsinkhole is a Python library and scripts for setting up a Linux server as a sinkhole (monitor, log/capture, and drop all traffic to a s… ☆12 · Apr 8, 2017 · Updated 8 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert ☆37 · Nov 9, 2022 · Updated 3 years ago
- Meer is a "spooler" for Suricata / Sagan. ☆30 · Jun 21, 2023 · Updated 2 years ago
- empow's intent classification plugin ☆11 · Jun 27, 2019 · Updated 6 years ago
- Sn0ffer - Make sound/noise/music with your network connection! ☆20 · Jul 1, 2016 · Updated 9 years ago
- Slack integration for Claude Code using MCP (Model Context Protocol). Enable your team to use Claude Code collaboratively through Slack. ☆11 · Jun 30, 2025 · Updated 8 months ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆53 · Jul 27, 2022 · Updated 3 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed. ☆20 · May 25, 2022 · Updated 3 years ago
- Code Search on Fess ☆11 · Nov 2, 2024 · Updated last year
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… ☆28 · Apr 18, 2018 · Updated 7 years ago
- This is a simple CEP Engine leveraging the Kafka Streams platform ☆16 · Apr 25, 2017 · Updated 8 years ago
- A powerful streaming log template miner based on the Drain algorithm in golang ☆16 · Oct 23, 2024 · Updated last year
- Gather and compile open source threat intelligence feeds. ☆40 · Feb 19, 2022 · Updated 4 years ago
- Graphical analysis of PDF structure. ☆13 · Jan 9, 2017 · Updated 9 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source ☆20 · May 4, 2016 · Updated 9 years ago
- Feed for various malicious IPs such as malware and botnets ☆12 · Jun 20, 2016 · Updated 9 years ago
- Zeek package to create JSON formatted logs to stream into data analysis systems. ☆30 · Dec 3, 2025 · Updated 3 months ago
- Declare and keep up a rogue default-gateway in Cisco's HSRP default configuration ☆16 · May 26, 2017 · Updated 8 years ago
- WIP: Debug Adapter Protocol (DAP) tools for Model Context Protocol (MCP) ☆12 · Jul 2, 2025 · Updated 8 months ago