SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.
☆132Feb 21, 2025Updated last year
Alternatives and similar repositories for SOAR-Flow
Users that are interested in SOAR-Flow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12Mar 28, 2026Updated 2 months ago
- Security Monitoring using Wazuh, published by Packt☆44Apr 22, 2026Updated last month
- ☆43Dec 24, 2024Updated last year
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.☆206Updated this week
- This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu…☆41Jun 7, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A walkthrough of creating and using the Azure environment and Microsoft Sentinel to track attacks and plot attacks on a live map.☆24Mar 26, 2023Updated 3 years ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated last year
- ☆48Jul 9, 2024Updated last year
- CSF Firewall and AbuseIPDB API integration with specific focus on data privacy and prevention of sensitive data leaked to public AbuseIPD…☆17Mar 20, 2024Updated 2 years ago
- This repository contains steps on how i set up a basic home lab running Active Directory.☆38Apr 2, 2023Updated 3 years ago
- Three complete IT / Cybersecurity resume for the following job roles: Systems Administration, SOC Analyst, & Penetration Tester.☆34Apr 2, 2025Updated last year
- Pentest automation resources for Burp☆15Mar 10, 2024Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts☆120Jul 15, 2023Updated 2 years ago
- ☆11Jun 12, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Node.js script that automates the reporting of malicious IP addresses detected by Cloudflare WAF to AbuseIPDB ☁️🕵️☆42May 31, 2026Updated last week
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆29Nov 20, 2024Updated last year
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 11 months ago
- ☆20Apr 10, 2025Updated last year
- Playbooks for SOC Analysts☆721Dec 11, 2022Updated 3 years ago
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆20Oct 9, 2024Updated last year
- ☆24May 22, 2024Updated 2 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆76Jul 13, 2021Updated 4 years ago
- MISP Playbooks☆229Oct 14, 2025Updated 7 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- MCP Server for Wazuh SIEM☆212Dec 12, 2025Updated 5 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,071Oct 5, 2023Updated 2 years ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- Raspberry Pi Lab for learning to hack☆19Mar 9, 2025Updated last year
- AI-powered security operations for Wazuh SIEM—use any MCP-compatible client to ask security questions in plain English. Faster threat det…☆180Mar 31, 2026Updated 2 months ago
- ☆16Apr 10, 2025Updated last year
- This is a simple network scanner used to scan any range of IP Address to get their MAC Address. The code is written completely in Python …☆26Aug 29, 2021Updated 4 years ago
- Setting up Active Directory with an Ansible Playbook and create some groups and users☆17Jun 9, 2023Updated 3 years ago
- In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…☆64Mar 7, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- AI-Driven Breach and Attack Simulation Tool (Initial Proof of Concept for AI Pentest Copilot)☆27Jan 6, 2025Updated last year
- VulnReach builds on standard SCA output by adding reachability context - proving through static analysis, taint tracking, and live runtim…☆21Updated this week
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆60Jun 7, 2022Updated 4 years ago
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 7 months ago
- ☆68May 13, 2022Updated 4 years ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆123May 16, 2023Updated 3 years ago