SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.
☆127Feb 21, 2025Updated last year
Alternatives and similar repositories for SOAR-Flow
Users that are interested in SOAR-Flow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12Mar 28, 2026Updated 2 weeks ago
- Security Monitoring using Wazuh, published by Packt☆40Mar 2, 2026Updated last month
- ☆42Dec 24, 2024Updated last year
- This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu…☆36Jun 7, 2024Updated last year
- A walkthrough of creating and using the Azure environment and Microsoft Sentinel to track attacks and plot attacks on a live map.☆23Mar 26, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Smarter Asset Search, Faster Information Extraction ZoomEye GPT is a browser extension designed specifically for cybersecurity profession…☆26Apr 30, 2025Updated 11 months ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated 11 months ago
- ☆46Jul 9, 2024Updated last year
- CSF Firewall and AbuseIPDB API integration with specific focus on data privacy and prevention of sensitive data leaked to public AbuseIPD…☆16Mar 20, 2024Updated 2 years ago
- This repository contains steps on how i set up a basic home lab running Active Directory.☆38Apr 2, 2023Updated 3 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Three complete IT / Cybersecurity resume for the following job roles: Systems Administration, SOC Analyst, & Penetration Tester.☆29Apr 2, 2025Updated last year
- An OSINT focused tool made with Nodejs!☆11Oct 4, 2022Updated 3 years ago
- The Threat Actor Profile Guide for CTI Analysts☆117Jul 15, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A curated list of awesome appsec tools available on Ubuntu 🗄️☆12Mar 4, 2024Updated 2 years ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Jul 23, 2024Updated last year
- A Node.js script that automates the reporting of malicious IP addresses detected by Cloudflare WAF to AbuseIPDB ☁️🕵️☆37Mar 24, 2026Updated 2 weeks ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆29Nov 20, 2024Updated last year
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 9 months ago
- ☆20Apr 10, 2025Updated last year
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆20Oct 9, 2024Updated last year
- ☆24May 22, 2024Updated last year
- Source code and instructions for LAB 910 - Declarative Agents: Build Agents for Microsoft 365 Copilot☆13Mar 26, 2025Updated last year
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- MCP Server for Wazuh SIEM☆189Dec 12, 2025Updated 3 months ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- MISP Playbooks☆223Oct 14, 2025Updated 5 months ago
- Cheat sheets for threat hunting, detection and other stuff.☆34Oct 7, 2022Updated 3 years ago
- Setting up Active Directory with an Ansible Playbook and create some groups and users☆17Jun 9, 2023Updated 2 years ago
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.☆114Updated this week
- PowerShell-Integrity-FIM☆13Jan 17, 2024Updated 2 years ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- ☆21Apr 19, 2024Updated last year
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆51Nov 26, 2025Updated 4 months ago
- In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…☆61Mar 7, 2026Updated last month
- A tool for secrets management, encryption as a service, and privileged access management☆12Jul 17, 2025Updated 8 months ago
- If you a security engineer or an aspirant Security professional then Setting up a Wazuh home lab environment is an excellent way for SOC …☆19Mar 27, 2024Updated 2 years ago
- An esphome config running the game of life on a 8x32 led matrix controlled by max7219☆25Jan 5, 2026Updated 3 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆58Jun 7, 2022Updated 3 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago