secureworks / aristotle
☆38Updated 4 months ago
Alternatives and similar repositories for aristotle:
Users that are interested in aristotle are comparing it to the libraries listed below
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆69Updated 2 months ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆36Updated 2 years ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK☆69Updated 4 years ago
- Zeek package to generate a SMB client fingerprint��☆27Updated 4 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- ☆45Updated last year
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- Sigma Detection Rule Repository☆87Updated 4 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆86Updated this week
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.☆41Updated 2 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Updated 4 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- Website crawler with YARA detection☆88Updated last year
- Definition, description and relationship types of MISP objects☆96Updated last week
- Zeek package for tracking long connections to report them before they have completed.☆30Updated last month
- Specifications used in the MISP project including MISP core format☆51Updated 2 months ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆66Updated 11 months ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 3 years ago
- Library of threat hunts to get any user started!☆42Updated 4 years ago