Auxiliary scripts for Incident Response with ELK
☆11Oct 7, 2015Updated 10 years ago
Alternatives and similar repositories for quickIR
Users that are interested in quickIR are comparing it to the libraries listed below
Sorting:
- NDISPktScan is a plugin for the Volatility Framework. It parses the Ethernet packets stored by ndis.sys in Windows kernel space memory.☆12Oct 23, 2015Updated 10 years ago
- A Golang API for TheHive☆13Sep 3, 2020Updated 5 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 8 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Jul 13, 2017Updated 8 years ago
- Bro stuff.☆12May 24, 2016Updated 9 years ago
- Python script to pull various IOCs from PDFs☆15Dec 22, 2014Updated 11 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆18Jun 14, 2020Updated 5 years ago
- Various Bro scripts☆37May 20, 2014Updated 11 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Public Maltego Transforms☆24May 24, 2017Updated 8 years ago
- Contributed Bro Scripts☆30May 28, 2014Updated 11 years ago
- Docker container for MISP☆96Jun 20, 2018Updated 7 years ago
- Workbench: A scalable python framework for security research and development teams.☆92Oct 25, 2019Updated 6 years ago
- Scripts for accessing and transforming cyber threat intelligence☆26Nov 22, 2015Updated 10 years ago
- ☆29Feb 25, 2017Updated 9 years ago
- ARCHIVED ce1sus, a threat information database ARCHIVED☆28Dec 8, 2015Updated 10 years ago
- Golang parser for OLE files☆33Dec 4, 2025Updated 2 months ago
- Collecting & Hunting for IOCs with gusto and style☆117Aug 9, 2018Updated 7 years ago
- A collection of bro_scripts and signatures☆27Jun 26, 2019Updated 6 years ago
- Tools for the Computer Incident Response Team☆150Apr 17, 2017Updated 8 years ago
- Example programs used in the automating DFIR series☆63Mar 4, 2019Updated 6 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Mar 13, 2017Updated 8 years ago
- A Python package to search & delete messages from mailboxes in Office 365 using Microsoft Graph API☆25Feb 15, 2022Updated 4 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- Grab a Twitter user timeline for further processing (storing to Elasticsearch, highligthing, etc)☆41Aug 28, 2015Updated 10 years ago
- ExileAPI plugin for visualizing terrain data☆10Apr 10, 2021Updated 4 years ago
- Asheron's Call Multicharacter Bot Plugin☆12Jan 3, 2025Updated last year
- Routes for the Asheron's Call Decal Plugin Virindi Tank☆10Mar 21, 2017Updated 8 years ago
- Fast incident overview☆41Feb 11, 2017Updated 9 years ago
- Trade equities with python algorithms.☆14Apr 8, 2024Updated last year
- My old external dayz source with auto update base offsets☆14Jul 28, 2023Updated 2 years ago
- PowerShell tool to enumerate existing exclusions in Windows Defender as low privileged user☆11Oct 14, 2024Updated last year
- Rapid Response sample Foundry app☆17Updated this week
- ☆12Feb 16, 2023Updated 3 years ago
- Fix for the CVE-2021-36934☆10Oct 15, 2021Updated 4 years ago
- How to create VMware vagrant box☆11May 10, 2020Updated 5 years ago
- SocksSharp provides support for Socks4/4a/5 proxy servers to HttpClient☆12Feb 3, 2021Updated 5 years ago
- ☆11Apr 14, 2022Updated 3 years ago
- ☆12Oct 22, 2023Updated 2 years ago