misje / opencti-wazuh-connectorLinks
OpenCTI–Wazuh connector looking for indicators in Wazuh and creating sightings
☆21Updated last year
Alternatives and similar repositories for opencti-wazuh-connector
Users that are interested in opencti-wazuh-connector are comparing it to the libraries listed below
Sorting:
- ☆39Updated 2 years ago
- Wazuh extension looking up alert data against indicators in OpenCTI threat intel☆22Updated last year
- ☆19Updated 4 years ago
- Personal scripts☆15Updated last year
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆83Updated last month
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆131Updated last year
- Tools for Wazuh by Juan C. Tello☆15Updated 3 years ago
- Collection of tool you need to have in your Endpoint Detection and Response arsenal☆108Updated last year
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆52Updated last week
- Convert Sigma rules to Wazuh rules☆73Updated last month
- Convert Sigma rules to SIEM queries, directly in your browser.☆96Updated this week
- Wazuh integration TheHive☆39Updated 2 years ago
- ☆19Updated 2 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆70Updated 4 years ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆164Updated 3 weeks ago
- ☆60Updated this week
- Import CrowdStrike Threat Intelligence into your instance of MISP☆48Updated 4 months ago
- Automation tool for Windows Deception Host Burn-In☆86Updated 10 months ago
- The official Prelude SIEM GitHub of https://www.prelude-siem.org☆33Updated 9 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆94Updated 3 years ago
- ☆98Updated 2 months ago
- Mapping of open-source detection rules and atomic tests.☆178Updated 9 months ago
- OpenCTI Docker deployment helpers☆210Updated this week
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆112Updated 3 years ago
- Website for ail-typo-squatting library☆66Updated 3 weeks ago
- ☆52Updated this week
- A highly available AWS deployment of the Threat Intelligence platform, OpenCTI using Terraform. Native AWS resources are used where feasi…☆37Updated 2 years ago
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …☆167Updated last year
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆117Updated 2 weeks ago
- Useful scripts for those administering Wazuh☆87Updated last month