tiburon-security / sriracha-iqLinks
Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threat hunting, blue team assessments, audits, and security control assessments.
☆18Updated 5 years ago
Alternatives and similar repositories for sriracha-iq
Users that are interested in sriracha-iq are comparing it to the libraries listed below
Sorting:
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 5 years ago
- ☆34Updated 3 years ago
- ☆11Updated 4 years ago
- A script to create and assign SOP tasks into the cases☆19Updated 4 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆27Updated 4 years ago
- Automatic detection engineering technical state compliance☆55Updated 10 months ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- Generic Signature Format for SIEM Systems☆14Updated 3 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆24Updated 8 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- SIEM Detection Use Case Library mapped to MITRE ATT&CK tactics and techniques☆12Updated 6 years ago
- Incident Response Report Using GitHub-Sphinx☆20Updated 5 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆26Updated 4 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 2 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 3 years ago
- Best practices in threat intelligence☆47Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- 🦉🔬A small PowerShell tool for finding information quickly on malicious IPs or FQDNs. Powershell threat hunting.☆11Updated 5 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Updated 3 years ago
- DNS Dashboard for hunting and identifying beaconing☆16Updated 4 years ago
- ☆16Updated 4 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆38Updated 3 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago