securityclippy / elasticintel
Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
☆140Updated last year
Alternatives and similar repositories for elasticintel:
Users that are interested in elasticintel are comparing it to the libraries listed below
- Threat Alert Logic Repository☆92Updated 6 years ago
- Collecting & Hunting for IOCs with gusto and style☆116Updated 6 years ago
- Tools for the Computer Incident Response Team☆144Updated 8 years ago
- A Splunk app to use MISP in background☆110Updated last month
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- Threat Feed Aggregation, Made Easy☆167Updated 4 years ago
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆150Updated 11 months ago
- Main Build directory☆179Updated 6 years ago
- Splunk Boss of the SOC v1 data set.☆111Updated 6 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- QRadio ~ Best Threat Intelligence Radio ~ Tune In!☆96Updated 8 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆123Updated 3 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 4 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- ☆55Updated 3 years ago
- Malware/IOC ingestion and processing engine☆105Updated 6 years ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- Sandia Cyber Omni Tracker (SCOT)☆246Updated 6 months ago
- Hunting IOCs all day every day...☆86Updated last year
- All-in-one bundle of MISP, TheHive and Cortex☆169Updated 2 years ago
- Automated Use Case Testing☆167Updated 7 years ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- stoQ Public Plugins☆71Updated 2 years ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆90Updated 7 years ago
- Multithreaded threat Intelligence gathering built with Python3☆174Updated 7 years ago
- A live dashboard for a real-time overview of threat intelligence from MISP instances☆202Updated last year
- Imports Alienvault OTX pulses to a MISP instance☆52Updated 3 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆180Updated 3 years ago