ReconInfoSec/sigma-to-elastalert

Stars
9
Rank 1,929,412 (Top 39 %)
Language
Shell
Created over 3 years ago
Updated over 3 years ago

ReconInfoSec/sigma-to-elastalert

ReconInfoSec

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Ansible playbook to convert Sigma rules to ElastAlert rules

web-traffic-generator

A quick and dirty HTTP/S "organic" traffic generator.

velociraptor-to-timesketch

rhq

Recon Hunt Queries

ansible-graylog-modules

Ansible modules for the Graylog API

graylog2thehive

Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.

ansible-okta-modules

Ansible modules for the Okta API

adversary-emulation-map

Creates an ATT&CK Navigator map of an Adversary Emulation Plan

ansible-nginx-gen

Generates TCP/UDP stream configuration files for NGINX based on the backend servers and ports provided

ansible-misp

Ansible role to deploy MISP and Apache on Ubuntu

canaries2thehive

Create alerts in The Hive from your Thinkst Canary alerts, to be turned into Hive cases.

ansible-moloch

Deploys all-in-one Elasticsearch & Moloch

ansible-greynoise

Ansible modules for the GreyNoise API

thehive-slack-webhook

A simple Lambda function for delivering The Hive webhooks to Slack

query-packs

Ansible role for importing query packs into Kolide (https://kolide.com)

slack-virustotal-query

An AWS Lambda function for querying VirusTotal from Slack.

mailgun2thehive

Simple Python flask app that runs as a web server, and accepts POST requests from your Mailgun routes.

ansible-timesketch-all

Timesketch all-in-one

ansible-canarytokens

Ansible role to deploy canarytokens with Docker

png-decrypt

geo-ip-visualization

Visualize Geographic IP address information using Python