neu5ron / es_stk
☆13, Apr 8, 2022, updated 3 years ago
Alternatives and similar repositories for es_stk
Users that are interested in es_stk are comparing it to the libraries listed below
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. (☆35, Jul 8, 2019, updated 6 years ago)
- Web interface to IntelMQ (☆10, Sep 10, 2025, updated 5 months ago)
- Transform EQL detection rules to VQL artifacts (☆12, Nov 12, 2021, updated 4 years ago)
- Kestrel Jupyter Notebook Kernel (☆10, Oct 19, 2023, updated 2 years ago)
- WiP - cve-search next gen (☆13, Jan 18, 2020, updated 6 years ago)
- Query.AI plugin for Kibana (☆13, Nov 10, 2019, updated 6 years ago)
- A Zeek package that detects Zoom logins and meeting joins (☆12, Apr 15, 2020, updated 5 years ago)
- CVE-2020-1337, a bypass of (PrintDemon) CVE-2020-1048's patch (☆14, Aug 11, 2020, updated 5 years ago)
- Flame - Send vulnerabilities reports to SIEM (☆15, Jul 28, 2016, updated 9 years ago)
- Searches for Insider Threat Hunting (☆30, May 2, 2019, updated 6 years ago)
- Integration between MISP platform and McAfee MVISION EDR (☆14, Mar 14, 2022, updated 3 years ago)
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… (☆18, Apr 10, 2020, updated 5 years ago)
- Listing releases of the Elastic stack with new features and references (☆19, Feb 4, 2026, updated last week)
- Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In… (☆19, Jan 28, 2021, updated 5 years ago)
- Notes for High Availability MISP in AWS (☆19, Nov 6, 2019, updated 6 years ago)
- A script to create and assign SOP tasks into the cases (☆20, Aug 16, 2020, updated 5 years ago)
- Web-based sensor management suite (☆20, Mar 2, 2023, updated 2 years ago)
- (no description) (☆51, Aug 25, 2022, updated 3 years ago)
- (no description) (☆54, updated this week)
- (no description) (☆61, updated this week)
- Cyber Analytics Platform and Examination System (CAPES) Project Page (☆60, Aug 3, 2019, updated 6 years ago)
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… (☆94, Aug 30, 2022, updated 3 years ago)
- Scripts for TheHive. (☆23, Nov 15, 2019, updated 6 years ago)
- A tool to assist with network-based hunting for GRU's Drovorub malware C2 (☆25, Aug 28, 2020, updated 5 years ago)
- SIAC is an enterprise SIEM built on open-source technology. (☆115, Oct 31, 2018, updated 7 years ago)
- RPM packages for MISP (☆39, Jan 15, 2026, updated 3 weeks ago)
- Create dataset for Suricata with indicators of MISP instances and add sightings in MISP if an indicator of the dataset generates an alert (☆36, Nov 9, 2022, updated 3 years ago)
- Rekall Forensics and Incident Response Framework with rVMI extensions (☆33, Mar 25, 2021, updated 4 years ago)
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon… (☆12, Apr 27, 2023, updated 2 years ago)
- Oracle Database Penetration Testing Reference (10g/11g) (☆39, Jul 28, 2018, updated 7 years ago)
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) (☆189, May 5, 2021, updated 4 years ago)
- (no description) (☆33, Oct 16, 2025, updated 3 months ago)
- OWASP Threat Dragon core files (☆29, May 15, 2021, updated 4 years ago)
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings (☆122, Jul 12, 2021, updated 4 years ago)
- Primary data pipelines for intrusion detection, security analytics and threat hunting (☆85, Jan 9, 2022, updated 4 years ago)
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic (☆12, May 4, 2021, updated 4 years ago)
- A collection of hunting and blue team scripts. Mostly others, some my own. (☆38, Jan 8, 2023, updated 3 years ago)
- pollen - A command-line tool for interacting with TheHive (☆36, Jun 6, 2019, updated 6 years ago)
- A repository for my conference presentations (☆35, Feb 18, 2020, updated 5 years ago)