tylabs / dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
☆123Updated 3 years ago
Alternatives and similar repositories for dovehawk:
Users that are interested in dovehawk are comparing it to the libraries listed below
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns☆65Updated 3 years ago
- Threat Feed Aggregation, Made Easy☆167Updated 4 years ago
- A Splunk app to use MISP in background☆110Updated 3 weeks ago
- Threat Alert Logic Repository☆92Updated 6 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆121Updated 3 years ago
- A utility repo to assist with converting between MISP and STIX formats☆67Updated 4 years ago
- Automated Use Case Testing☆167Updated 6 years ago
- Mapping NSM rules to MITRE ATT&CK☆70Updated 4 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Imports Alienvault OTX pulses to a MISP instance☆52Updated 3 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- Log Entry to Sigma Rule Converter☆107Updated 3 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆71Updated 9 months ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆140Updated last year
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Hunting IOCs all day every day...☆86Updated last year
- ☆33Updated 4 years ago
- Collecting & Hunting for IOCs with gusto and style☆237Updated 3 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆80Updated 3 years ago
- CIFv3 DeploymentKit☆64Updated 4 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Updated 5 years ago
- An OpenTAXII Configuration for MISP☆81Updated 2 years ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆90Updated 7 years ago
- Definition, description and relationship types of MISP objects☆96Updated last week
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Miscelaneous Dockers☆46Updated 3 years ago
- IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files.☆135Updated 9 years ago