santiago-bassett / Alienvault-Demo_scripts
Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
☆22Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for Alienvault-Demo_scripts
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated 8 months ago
- ☆29Updated 5 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Updated 2 years ago
- ☆43Updated last month
- A few quick recipes for those that do not have much time during the day☆21Updated last week
- ☆14Updated 4 years ago
- ☆48Updated 4 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆24Updated 4 years ago
- Workflows for Shuffle☆20Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- ☆34Updated 3 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆15Updated 8 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- ☆12Updated 5 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Triage automation for suspect URLs☆12Updated 5 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆28Updated 6 years ago
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- automate your MISP installs☆66Updated 4 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆23Updated 4 months ago
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆92Updated 2 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated last year
- Learn about a network from a pcap file or reading from an interface☆27Updated 7 months ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- Generic Signature Format for SIEM Systems☆14Updated 3 years ago