stricaud / TA-misp
Splunk integration with MISP
☆12Updated 6 years ago
Related projects: ⓘ
- ☆40Updated this week
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 5 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆13Updated 6 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆22Updated 7 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆21Updated 6 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- Performs OCR on image files and scans them for matches to YARA rules☆39Updated 5 years ago
- Konrads' Pen-Ultimate (Windows) Log File Parser☆13Updated 2 years ago
- An informational repo about hunting for adversaries in your IT environment.☆13Updated 7 years ago
- A collection of typical false positive indicators☆54Updated 3 years ago
- ☆11Updated this week
- References for FIRST CTI 2019 Symposium presentation☆23Updated 5 years ago
- A Windows Event Processing Utility☆46Updated 6 years ago
- ☆14Updated 6 years ago
- ☆33Updated 4 years ago
- ☆16Updated this week
- ☆35Updated this week
- Bro PCAP Processing and Tagging API☆27Updated 6 years ago
- Historical Observations of Actionable Reputation Data☆13Updated 6 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Updated 5 years ago
- SANS Hunting on the Cheap☆35Updated 8 years ago
- Sandbox feature upgrade with the help of wrapped samples☆75Updated 6 years ago
- ☆21Updated 6 years ago
- Providing timelines based on OSINT Reports☆32Updated last year
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆59Updated 6 years ago
- Open Development projects for TekDefense☆77Updated 7 years ago
- Randori: Like Aiki. With a couple of Dans under its belt.☆14Updated 6 years ago
- threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…☆48Updated 2 years ago
- Zeek package to generate a SMB client fingerprint☆26Updated 4 years ago