SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.
☆124Feb 21, 2025Updated last year
Alternatives and similar repositories for SOAR-Flow
Users that are interested in SOAR-Flow are comparing it to the libraries listed below
Sorting:
- ☆42Dec 24, 2024Updated last year
- This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu…☆37Jun 7, 2024Updated last year
- A walkthrough of creating and using the Azure environment and Microsoft Sentinel to track attacks and plot attacks on a live map.☆23Mar 26, 2023Updated 2 years ago
- ☆46Jul 9, 2024Updated last year
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated 10 months ago
- CSF Firewall and AbuseIPDB API integration with specific focus on data privacy and prevention of sensitive data leaked to public AbuseIPD…☆16Mar 20, 2024Updated 2 years ago
- This repository contains steps on how i set up a basic home lab running Active Directory.☆36Apr 2, 2023Updated 2 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Advanced Threat Hunting: Ransomware Group☆29Jul 9, 2025Updated 8 months ago
- Three complete IT / Cybersecurity resume for the following job roles: Systems Administration, SOC Analyst, & Penetration Tester.☆28Apr 2, 2025Updated 11 months ago
- Pentest automation resources for Burp☆15Mar 10, 2024Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts☆117Jul 15, 2023Updated 2 years ago
- INE eCPPTv3 Cheat Sheet / Course Notes. You'll find my comprehensive course notes, which also serve as cheat sheets for the eCPPTv3 cours…☆66Aug 24, 2025Updated 6 months ago
- A curated list of awesome appsec tools available on Ubuntu 🗄️☆12Mar 4, 2024Updated 2 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- A Node.js script that automates the reporting of malicious IP addresses detected by Cloudflare WAF to AbuseIPDB ☁️🕵️☆33Updated this week
- Playbooks for SOC Analysts☆690Dec 11, 2022Updated 3 years ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆29Nov 20, 2024Updated last year
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 9 months ago
- ☆20Apr 10, 2025Updated 11 months ago
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆20Oct 9, 2024Updated last year
- ☆24May 22, 2024Updated last year
- MCP Server for Wazuh SIEM☆185Dec 12, 2025Updated 3 months ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- MISP Playbooks☆222Oct 14, 2025Updated 5 months ago
- Cheat sheets for threat hunting, detection and other stuff.☆34Oct 7, 2022Updated 3 years ago
- Setting up Active Directory with an Ansible Playbook and create some groups and users☆17Jun 9, 2023Updated 2 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,062Oct 5, 2023Updated 2 years ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- ☆15Apr 10, 2025Updated 11 months ago
- ☆51Nov 26, 2025Updated 3 months ago
- A tool for secrets management, encryption as a service, and privileged access management☆12Jul 17, 2025Updated 8 months ago
- AI-Driven Breach and Attack Simulation Tool (Initial Proof of Concept for AI Pentest Copilot)☆26Jan 6, 2025Updated last year
- If you a security engineer or an aspirant Security professional then Setting up a Wazuh home lab environment is an excellent way for SOC …☆18Mar 27, 2024Updated last year
- ��☆20Feb 14, 2026Updated last month
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆58Jun 7, 2022Updated 3 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 4 months ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆124May 16, 2023Updated 2 years ago