veeral-patel / true-positive
Collaborative, web-based case management for incident response
☆20Updated last year
Alternatives and similar repositories for true-positive:
Users that are interested in true-positive are comparing it to the libraries listed below
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆86Updated last week
- Please use https://github.com/veeral-patel/true-positive instead☆66Updated 2 years ago
- Workflows for Shuffle☆21Updated 2 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Updated 3 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆39Updated 11 months ago
- Very basic CLI SIEM (Security Information and Event Management system).☆38Updated 7 years ago
- Tools for Wazuh by Juan C. Tello☆14Updated 3 years ago
- ☆16Updated 4 years ago
- Incident Response Network Tools☆24Updated 3 years ago
- This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler☆12Updated 3 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆53Updated last week
- A collection of tips for using MISP.☆74Updated 3 months ago
- Dissect triage script for Citrix NetScaler devices☆23Updated 9 months ago
- Elastic Beat for fetching and shipping Office 365 audit events☆67Updated 4 years ago
- An open source platform to support analysts to organise their case and tasks☆67Updated this week
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Updated 4 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Documentation used for Shuffle☆19Updated this week
- Documentation for DFIR ORC, artefact collection tool dedicated to Microsoft Windows☆12Updated this week
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…☆15Updated 4 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- ☆29Updated 4 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 4 years ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆13Updated 4 years ago