secureworks / aristotleLinks
☆38Updated 9 months ago
Alternatives and similar repositories for aristotle
Users that are interested in aristotle are comparing it to the libraries listed below
Sorting:
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆36Updated 2 years ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- Mapping NSM rules to MITRE ATT&CK☆71Updated 5 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆79Updated 2 months ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Updated 5 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 5 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆90Updated this week
- Cisco Orbital - Osquery queries by Talos☆134Updated last year
- A utility repo to assist with converting between MISP and STIX formats☆69Updated 4 years ago
- Sigma Detection Rule Repository☆89Updated 5 years ago
- ☆50Updated last year
- Wireshark plugin to display Suricata analysis info☆95Updated 3 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆55Updated this week
- Threat Alert Logic Repository☆92Updated 6 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆106Updated last year
- ☆36Updated 4 years ago
- ☆77Updated 5 years ago
- Zeek support for Community ID flow hashing.☆36Updated 2 years ago
- Automatically create YARA rules from malicious documents.☆212Updated 3 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 3 years ago
- ☆13Updated 3 years ago
- simple YARA-based IOC scanner☆169Updated last week