splunkalicious / PII_Tools
☆8Updated 3 years ago
Related projects: ⓘ
- ☆32Updated this week
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆12Updated 3 years ago
- A collection of notebooks built for defensive and offensive operations.☆76Updated 3 years ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- ☆55Updated 2 years ago
- Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources☆27Updated 6 years ago
- misp-cloud - Cloud-ready images of MISP☆70Updated 2 years ago
- Data validator agains Splunk Common Information Model (CIM)☆74Updated 5 months ago
- Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook☆48Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆105Updated 7 months ago
- ☆131Updated 5 months ago
- Wazuh - Splunk App☆48Updated 10 months ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- This is a python tool aiming to make using TheHive webhooks easier.☆26Updated 3 years ago
- A Splunk technology add-on for osquery☆14Updated 3 years ago
- A Splunk app to use MISP in background☆109Updated 9 months ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11Updated 3 years ago
- ☆34Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆106Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆92Updated 2 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆44Updated 2 years ago
- Workflows for Shuffle☆20Updated last year
- scripts to configure the Splunk Universal Forwarder in a locked down state☆39Updated 5 years ago
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.☆27Updated 3 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 3 years ago
- ☆13Updated 3 weeks ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆108Updated 3 years ago
- ☆47Updated last week
- Shell script to download apps from Splunkbase☆20Updated 4 years ago
- Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation☆22Updated 7 years ago