Look into EDR events from network
☆25Nov 20, 2025Updated 3 months ago
Alternatives and similar repositories for pikksilm
Users that are interested in pikksilm are comparing it to the libraries listed below
Sorting:
- Set of scripts to index PCAP files and retrieve packets☆14Sep 10, 2015Updated 10 years ago
- Splunk csv to KVStore ES Threat Intel☆11Jul 11, 2016Updated 9 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack☆12Apr 18, 2020Updated 5 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- A test case runner for Sigma rules☆14Aug 14, 2024Updated last year
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 2 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Sep 14, 2023Updated 2 years ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 4 years ago
- ☆16Aug 29, 2025Updated 6 months ago
- A mini project to exfiltrate data via QR codes☆19Dec 5, 2025Updated 3 months ago
- Signature engine for all your logs☆172Nov 13, 2023Updated 2 years ago
- TAXII Server supporting the 2.1 spec.☆20Mar 30, 2020Updated 5 years ago
- PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset☆22May 21, 2022Updated 3 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆26Dec 2, 2025Updated 3 months ago
- Repository for Cortex XDR and Cortex XSIAM XQL queries and more!☆41Jun 7, 2024Updated last year
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 3, 2023Updated 3 years ago
- An open source Governance Risk Compliance (GRC) solution for corporates and government☆35Jul 10, 2017Updated 8 years ago
- Proof of Concept for CVE-2023-23397 in Python☆25Mar 21, 2023Updated 2 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- A cyber threat intelligence server based on TAXII 2 and written in Golang☆32Sep 19, 2019Updated 6 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆34Feb 2, 2026Updated last month
- acunetix☆62Mar 27, 2020Updated 5 years ago
- Google Cloud Security Command Center to Azure Sentinel Connector☆19Jul 15, 2023Updated 2 years ago
- One Day of Python for SaintCon 2022☆11Jan 3, 2023Updated 3 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- DShield Sensor Log Collection with ELK☆45Feb 16, 2026Updated 2 weeks ago
- ☆30Apr 19, 2023Updated 2 years ago
- Windows File Integrity -- an archive of information on installed Windows binaries.☆34Aug 26, 2022Updated 3 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆86Feb 26, 2026Updated last week
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor�☆80Sep 13, 2023Updated 2 years ago
- Wireshark plugin to display Suricata analysis info☆94Nov 5, 2021Updated 4 years ago
- [READ ONLY] Subtree split of the siyuan-packages-monorepo (see https://github.com/Zuoqiu-Yingyi/siyuan-packages-monorepo)☆12Jan 23, 2024Updated 2 years ago