theY4Kman / suricata-prettifier

Related projects: ⓘ

• PerchSecurity / dendrol
  🌴 The STIX2 Pattern expression parser for humans
  ☆25Updated 5 years ago
• theY4Kman / parsuricata
  Parse Suricata rules
  ☆13Updated last year
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• ioc-fang / ioc-fanger
  Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
  ☆55Updated 11 months ago
• corelight / zerologon
  Zeek package to detect Zerologon
  ☆11Updated 2 years ago
• rommelfs / scanner
  nmap/ndiff based scanner with template based notification system in case of infrastructure changes
  ☆18Updated 6 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆29Updated this week
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated 9 months ago
• 0x4D31 / sqhunter
  ☆66Updated this week
• CyberSift / OSQUERY-PACKS
  Osquery Packs we use for customer security hardening
  ☆12Updated 6 months ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• TITO-Threat-Intel / TITO-Framework
  TITO is a light framework for operationalizing threat intelligence that is platform and data agnostic.
  ☆20Updated 4 years ago
• juju4 / ansible-zeek
  setup zeek, previously Bro IDS
  ☆17Updated last month
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆28Updated 6 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 2 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 3 years ago
• Benster900 / BlogProjects
  Various blog post projects.
  ☆10Updated 3 months ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆34Updated 5 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆19Updated 2 years ago
• certtools / tag2domain
  A mapping project between tags (annotations, labels) and domain names
  ☆11Updated 4 months ago
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆27Updated 4 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆51Updated 2 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆17Updated 4 years ago
• cbcommunity / cbapi-examples
  Repository for all cbapi example scripts
  ☆16Updated 6 years ago