Recon InfoSec

Repositories

• rhq

  Recon Hunt Queries

  incident-response dfir threat-hunting osquery mitre-attack
  9 55 0 2 Updated Feb 23, 2021

• sigma-to-elastalert

  Ansible playbook to convert Sigma rules to ElastAlert rules
  Shell 0 4 0 0 Updated Feb 5, 2021

• ansible-graylog-modules

  Ansible modules for the Graylog API

  python ansible graylog
  Python GPL-3.0 16 47 1 1 Updated Jan 14, 2021

• adversary-emulation-map

  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  Python 0 6 0 0 Updated Sep 17, 2020

• canaries2thehive

  Create alerts in The Hive from your Thinkst Canary alerts, to be turned into Hive cases.

  flask canary python3 thehive4py thehive-project
  Python 0 4 0 0 Updated Sep 11, 2020

• graylog2thehive

  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.

  python flask graylog graylog-server thehive-project
  Python 7 32 2 1 Updated Aug 17, 2020

• canarytools

  Subset of Thinkst Canary API for Go
  Go 0 0 0 0 Updated Jul 8, 2020

• ChirpForwarder

  thinkst canary alerts forwarder
  Go GPL-3.0 0 0 0 0 Updated Jul 6, 2020

• geo-ip-visualization

  Visualize Geographic IP address information using Python
  MIT 0 1 0 0 Updated Apr 24, 2020

• Cortex-Analyzers

  Forked from TheHive-Project/Cortex-Analyzers

  Cortex Analyzers Repository
  Python AGPL-3.0 248 0 0 0 Updated Mar 17, 2020

• KapeFiles

  Forked from EricZimmerman/KapeFiles

  This repository serves as a place for community created Targets and Modules for use with KAPE.
  MIT 91 0 0 0 Updated Mar 9, 2020

• web-traffic-generator

  A quick and dirty HTTP/S "organic" traffic generator.
  Python MIT 106 214 5 0 Updated Feb 26, 2020

• ansible-greynoise

  Ansible modules for the GreyNoise API
  Python GPL-3.0 0 7 0 0 Updated Feb 24, 2020

• ansible-okta-modules

  Ansible modules for the Okta API

  python ansible okta
  Python GPL-3.0 10 17 0 3 Updated Jan 16, 2020

• cylance-logs

  Flask application that integrates with Cylance Protect API and logs the events.

  python api flask cylance
  Python 0 0 0 0 Updated Dec 18, 2019

• CyPyAPI

  Forked from jdrobinson/CyPyAPI

  Python3 Wrapper for the Cylance API v10
  Python GPL-3.0 1 0 0 0 Updated Dec 19, 2019

• mailgun2thehive

  Simple Python flask app that runs as a web server, and accepts POST requests from your Mailgun routes.

  python hive mailgun thehive-project
  Python 1 2 0 0 Updated Jun 4, 2019

• ansible-nginx-gen

  Generates TCP/UDP stream configuration files for NGINX based on the backend servers and ports provided

  nginx ansible graylog ansible-role nginx-proxy
  1 9 0 0 Updated May 23, 2019

• slack-c2bot

  Forked from praetorian-inc/slack-c2bot

  Slack C2bot that executes commands and returns the output.
  Go 10 0 0 0 Updated Apr 18, 2019

• query-packs

  Ansible role for importing query packs into Kolide (https://kolide.com)
  Python 0 6 0 0 Updated Jan 16, 2019

• ansible-moloch

  Deploys all-in-one Elasticsearch & Moloch

  ansible elasticsearch moloch
  Shell 0 7 0 0 Updated Jan 4, 2019

• ansible-canarytokens

  Ansible role to deploy canarytokens with Docker

  docker ansible canarytokens
  1 1 0 0 Updated Dec 14, 2018

• ansible-timesketch-all

  Timesketch all-in-one
  Ruby 0 2 0 0 Updated Nov 12, 2018

• SELKS

  Forked from StamusNetworks/SELKS

  A Suricata based IDS/IPS distro
  Shell GPL-3.0 172 0 0 0 Updated Sep 29, 2018

• thehiveemail

  Reading and processing of email folders for TheHive + Autoupdating case histories
  Python AGPL-3.0 7 13 0 0 Updated Jul 6, 2018

• atomic-red-team

  Forked from redcanaryco/atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.
  PowerShell MIT 1,496 3 0 0 Updated Jul 2, 2018

• ansible-misp

  Ansible role to deploy MISP and Apache on Ubuntu
  PHP 2 9 0 0 Updated Jun 29, 2018

• canarytokens

  Forked from thinkst/canarytokens

  Canarytokens helps track activity and actions on your network.
  HTML 112 0 0 0 Updated May 21, 2018

• canarytokens-docker

  Forked from thinkst/canarytokens-docker

  Docker configuration to quickly setup your own Canarytokens.
  Shell BSD-3-Clause 69 1 0 0 Updated May 17, 2018

• DARKSURGEON

  Forked from cryps1s/DARKSURGEON

  DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.
  PowerShell MIT 63 0 0 0 Updated May 17, 2018