Auxiliary scripts for Incident Response with ELK
☆11Oct 7, 2015Updated 10 years ago
Alternatives and similar repositories for quickIR
Users that are interested in quickIR are comparing it to the libraries listed below
Sorting:
- Python script to pull various IOCs from PDFs☆15Dec 22, 2014Updated 11 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆18Jun 14, 2020Updated 5 years ago
- A Golang API for TheHive☆13Sep 3, 2020Updated 5 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 8 years ago
- NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.☆12Oct 23, 2015Updated 10 years ago
- Public Maltego Transforms☆24May 24, 2017Updated 8 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Jul 13, 2017Updated 8 years ago
- Bro stuff.☆12May 24, 2016Updated 9 years ago
- ☆29Feb 25, 2017Updated 9 years ago
- Passive DNS server interface compliant to "Common Output Format"☆10Sep 19, 2016Updated 9 years ago
- ARCHIVED ce1sus, a threat information database ARCHIVED☆28Dec 8, 2015Updated 10 years ago
- A book about how to conduct digital forensic investigations with free and open source tools.☆12Apr 30, 2014Updated 11 years ago
- Implementation of a Whois Server with a redis backend☆15Oct 31, 2010Updated 15 years ago
- Collecting & Hunting for IOCs with gusto and style☆117Aug 9, 2018Updated 7 years ago
- Docker container for MISP☆96Jun 20, 2018Updated 7 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- Workbench: A scalable python framework for security research and development teams.☆92Oct 25, 2019Updated 6 years ago
- Various Bro scripts☆37May 20, 2014Updated 11 years ago
- Scripts to process big chunks of data from MISP and do in depth correlations on samples.☆12Jul 2, 2016Updated 9 years ago
- Specifications used in the MISP project including MISP core format☆53Jan 7, 2026Updated 2 months ago
- Threat Analysis, Reconnaissance, and Data Intelligence System☆129Aug 28, 2015Updated 10 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Apr 17, 2016Updated 9 years ago
- Tools for the Computer Incident Response Team☆150Apr 17, 2017Updated 8 years ago
- PowerShell Script for Agentless Incident Response☆25Apr 5, 2018Updated 7 years ago
- A framework that correlates Bro events☆18Oct 25, 2013Updated 12 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- ssdeep based clustering tool☆14Jan 17, 2016Updated 10 years ago
- Example programs used in the automating DFIR series☆63Mar 4, 2019Updated 7 years ago
- Bro Snippets☆21Nov 7, 2014Updated 11 years ago
- Contributed Bro Scripts☆30May 28, 2014Updated 11 years ago
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Dec 28, 2015Updated 10 years ago
- Yara Plugin for Binary Ninja☆13Feb 13, 2018Updated 8 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen☆17Apr 11, 2024Updated last year
- Content for cyber defense course☆14Oct 15, 2014Updated 11 years ago
- Random scripts for log mining, intel gathering, network querying, and other incident response-ish activities☆16Sep 13, 2022Updated 3 years ago
- Minimal Indicator Storage System☆11Feb 8, 2021Updated 5 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Mar 2, 2018Updated 8 years ago
- Using osquery for Mass Incident Detection & Response☆19Jun 25, 2016Updated 9 years ago
- A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor looku…☆11Mar 12, 2026Updated last week