markuskont / pikksilmView external linksLinks
Look into EDR events from network
☆25Nov 20, 2025Updated 2 months ago
Alternatives and similar repositories for pikksilm
Users that are interested in pikksilm are comparing it to the libraries listed below
Sorting:
- Set of scripts to index PCAP files and retrieve packets☆14Sep 10, 2015Updated 10 years ago
- This config file will automatically convert a temporary Windows Sandbox environment into a Flare VM for malware analysis.☆11Jan 3, 2025Updated last year
- Splunk csv to KVStore ES Threat Intel☆11Jul 11, 2016Updated 9 years ago
- Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack☆12Apr 18, 2020Updated 5 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- A test case runner for Sigma rules☆14Aug 14, 2024Updated last year
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- This repository contains generated contextual data utilized by pyattck.☆19Mar 3, 2025Updated 11 months ago
- A few XDR Scripts☆22Mar 19, 2025Updated 10 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Sep 14, 2023Updated 2 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 4 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- A mini project to exfiltrate data via QR codes☆19Dec 5, 2025Updated 2 months ago
- ☆15Aug 29, 2025Updated 5 months ago
- Signature engine for all your logs☆173Nov 13, 2023Updated 2 years ago
- TAXII Server supporting the 2.1 spec.☆20Mar 30, 2020Updated 5 years ago
- ☆42Sep 16, 2022Updated 3 years ago
- A CALDERA Plugin Template☆20Jan 7, 2026Updated last month
- An experimental Velociraptor implementation using cloud infrastructure☆26Dec 2, 2025Updated 2 months ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 3, 2023Updated 2 years ago
- An open source Governance Risk Compliance (GRC) solution for corporates and government☆34Jul 10, 2017Updated 8 years ago
- Repository for Cortex XDR and Cortex XSIAM XQL queries and more!☆39Jun 7, 2024Updated last year
- Proof of Concept for CVE-2023-23397 in Python☆25Mar 21, 2023Updated 2 years ago
- OwlH Master API☆24Apr 27, 2025Updated 9 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- A cyber threat intelligence server based on TAXII 2 and written in Golang☆32Sep 19, 2019Updated 6 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- A starter-kit for a source-controlled, CLI-based osquery management workflow.☆30Jun 1, 2018Updated 7 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆33Feb 2, 2026Updated last week
- One Day of Python for SaintCon 2022☆11Jan 3, 2023Updated 3 years ago
- Google Cloud Security Command Center to Azure Sentinel Connector☆19Jul 15, 2023Updated 2 years ago
- ☆33Feb 26, 2022Updated 3 years ago
- DShield Sensor Log Collection with ELK☆44Feb 4, 2026Updated last week
- Windows File Integrity -- an archive of information on installed Windows binaries.☆33Aug 26, 2022Updated 3 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆84Feb 8, 2026Updated last week