theY4Kman / suricata-prettifier
Command-line tool to format and syntax highlight Suricata rules
★ 13, updated 4 years ago

Related projects:
- The STIX2 Pattern expression parser for humans (★ 25, updated 5 years ago)
- Parse Suricata rules (★ 13, updated last year)
- Build Automated Machine Images for MISP (★ 28, updated last year)
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack (★ 15, updated 3 years ago)
- Check IOC provided by a MISP instance on Suricata events (★ 17, updated 5 years ago)
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space (★ 55, updated 11 months ago)
- Zeek package to detect Zerologon (★ 11, updated 2 years ago)
- nmap/ndiff based scanner with template based notification system in case of infrastructure changes (★ 18, updated 6 years ago)
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists (★ 29, updated this week)
- A Python implementation of the Community ID flow hashing standard (★ 23, updated 9 months ago)
- (no description) (★ 66, updated this week)
- Osquery Packs we use for customer security hardening (★ 12, updated 6 months ago)
- (no description) (★ 33, updated 3 years ago)
- TITO is a light framework for operationalizing threat intelligence that is platform and data agnostic. (★ 20, updated 4 years ago)
- Setup Zeek, previously Bro IDS (★ 17, updated last month)
- Threat hunting repo for my independent study on threat hunting with OSQuery (★ 28, updated 6 years ago)
- Generic Signature Format for SIEM Systems (★ 14, updated 2 years ago)
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch (★ 19, updated 3 years ago)
- A few quick recipes for those that do not have much time during the day (★ 21, updated 3 weeks ago)
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2 (★ 14, updated 3 years ago)
- Various blog post projects. (★ 10, updated 3 months ago)
- pollen - A command-line tool for interacting with TheHive (★ 34, updated 5 years ago)
- (no description) (★ 15, updated 6 years ago)
- A Python script to shift the timestamp on syslog data. Useful for forensicators combating time skew. (★ 19, updated 2 years ago)
- A mapping project between tags (annotations, labels) and domain names (★ 11, updated 4 months ago)
- A Spicy protocol analyzer for WireGuard (★ 27, updated 4 years ago)
- Ansible role to set up MISP, Malware Information Sharing Platform & Threat Sharing (★ 51, updated 2 months ago)
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (★ 32, updated 2 years ago)
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build Elastic-based environments to analyze and execute threa… (★ 17, updated 4 years ago)
- Repository for all cbapi example scripts (★ 16, updated 6 years ago)