An Elasticsearch QUEry Language
☆57Jul 3, 2017Updated 8 years ago
Alternatives and similar repositories for EQUEL
Users that are interested in EQUEL are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Network detector for Winnti malware☆21Mar 6, 2018Updated 8 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 9 years ago
- An ICAP Server with yara scanner for URL and content.☆58Dec 19, 2024Updated last year
- Elasticsearch Watcher plugin for the elasticsearch.js client☆13Apr 18, 2018Updated 7 years ago
- Python-based cloud node for local use☆11Mar 7, 2018Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…☆80Jan 2, 2022Updated 4 years ago
- Binarly SDK v1☆14Dec 18, 2016Updated 9 years ago
- A Yara rule generator for finding related samples and hunting☆164Sep 11, 2022Updated 3 years ago
- A curated list of awesome threat detection and hunting resources☆10Mar 23, 2018Updated 8 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago
- Meeting notes☆14Apr 5, 2016Updated 9 years ago
- A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI☆70Aug 10, 2025Updated 7 months ago
- Suricata rules to detect Winnti communication☆16Mar 5, 2018Updated 8 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 7 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆37Sep 19, 2017Updated 8 years ago
- collectd☆11Feb 3, 2020Updated 6 years ago
- Elasticsearch querying library☆20Jun 16, 2019Updated 6 years ago
- Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)☆15Feb 1, 2021Updated 5 years ago
- CSV processing and web related data types mutual conversion☆17Feb 24, 2026Updated last month
- Transform dumped executable memory back into an identical match from disk. Use network or local database to de-locate relocated binaries…☆12Jan 10, 2016Updated 10 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- A python script that can be used to scan data within in an IDB using Yara.☆23Sep 4, 2018Updated 7 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Splunk app to support presentation at .conf2015 on free security tools and Splunk☆10Sep 24, 2015Updated 10 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆176Jun 10, 2021Updated 4 years ago
- SPL to lucene translator☆15Jan 24, 2015Updated 11 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆127Sep 23, 2023Updated 2 years ago
- VPS infrastructure found in HT dumps☆26Jul 10, 2015Updated 10 years ago
- Some IR notes☆73Jul 23, 2016Updated 9 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆209Sep 15, 2021Updated 4 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Modern Honey Network deployment with ansible☆12Jun 4, 2022Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆938Dec 12, 2023Updated 2 years ago
- A collection of awesome resources built for and around the Splunk Phantom platform.☆14Jul 7, 2020Updated 5 years ago
- Python module to interact with THOR Thunderstorm service☆17Dec 5, 2025Updated 3 months ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆22Sep 20, 2018Updated 7 years ago
- Generate bulk YARA rules from YAML input☆22Feb 3, 2020Updated 6 years ago
- ☆113Jun 12, 2017Updated 8 years ago