Scripts to integrate DFIR-IRIS, MISP and TimeSketch

Related tags

Miscellaneousdfir-iris-misp-timesketch
Overview

dfir-iris-misp-timesketch

Scripts to integrate DFIR-IRIS, MISP and TimeSketch

dfir.drawio.png

Scripts

IRIS

iris_create_case.py

  • Create a new IRIS case
  • Add default set of notes, based on MD templates (such as "notes_intake.md")
  • Add default set of tasks, based on a TheHive template
  • Add global task

iris_delete_tasks.py

  • Delete tasks from an IRIS case

iris_add_assets.py

  • Add assets to IRIS from a CSV file

iris_get_from_ts.py

  • Get Timeline events from TimeSketch

iris_add_iocs_misp.py

  • Add IOCs from MISP to IRIS

iris_add_evidence.py

  • Add evidence to IRIS

iris_get_from_ts_savedsearch.py

  • Get timeline events from a Timesketch saved search

iris_get_from_ts_savedsearch_byid.py

  • Get timeline events from a TimeSketch saved search (by id)

TimeSketch

ts_import_pcap.py

  • Import PCAP file into TimeSketch

ts_ioc_iris_savedsearch.py

  • Create a saved search based on IOCs in an IRIS case

ts_add_event.py

  • Manually add a TimeSketch event

ts_ioc_misp_savedsearch.py

  • Create a saved search based on IOCs from a MISP event
ts_create_sketch.py
  • Create a TimeSketch sketch

ts_import_evtx.py

Import EVTX file into TimeSketch

Elastic

https://github.com/cudeso/elastic-dfir-cluster

Owner
Koen Van Impe
Koen Van Impe
GitHub Repository
Simple Denial of Service Program yang di bikin menggunakan bahasa pemograman Python,

Peringatan Tujuan kami share code Indo-DoS hanya untuk bertujuan edukasi / pembelajaran! Dilarang memperjual belikan source ini / memperjual-belikan s

SonLyte 8 Nov 07, 2021
A script where you execute a script that generates a base project for your gdextension

GDExtension Project Creator this is a script (currently only for linux) where you execute a script that generates a base project for your gdextension,

Unknown 11 Nov 17, 2022
inverted pendulum fuzzy control python code (python 2.7.18)

inverted-pendulum-fuzzy-control- inverted pendulum fuzzy control python code (python 2.7.18) We have 3 general functions for 3 main steps: fuzzificati

arian mottaghi 4 May 23, 2022
Jack Morgan's Advent of Code Solutions

Advent-of-Code Jack Morgan's Advent of Code Solutions Usage Run . initiate.sh year day To initiate a day. This sets up a template python file, and pul

Jack Morgan 1 Dec 10, 2021
A Python package to request and process seismic waveform data from Hi-net.

HinetPy is a Python package to simplify tedious data request, download and format conversion tasks related to NIED Hi-net. NIED Hi-net | Source Code |

Dongdong Tian 65 Dec 09, 2022
A toy repo illustrating a minimal installable Python package

MyToy: a minimal Python package This repository contains a minimal, toy Python package with a few files as illustration for students of how to lay out

Fernando Perez 19 Apr 24, 2022
Provides guideline on how to configure pre-commit hooks in your own python project

Pre-commit Configuration Guide The main aim of this repository is to act as a guide on how to configure the pre-commit hooks in your existing python p

Faraz Ahmed Khan 2 Mar 31, 2022
Kunai Shitty Raider Leaked LMFAO

Kunai-Raider-Leaked Kunai Shitty Raider Leaked LMFA

5 Nov 24, 2021
Fully coded Apps by Codex.

OpenAI-Codex-Code-Generation Fully coded Apps by Codex. How I use Codex in VSCode to generate multiple completions with autosorting by highest "mean p

nanowell 47 Jan 01, 2023
Shai-Hulud - A qtile configuration for the (spice) masses

Shai-Hulud - A qtile configuration for the (spice) masses Installation Notes These dotfiles are set up to use GNU stow for installation. To install, f

16 Dec 30, 2022
synchronize projects via yaml/json manifest. built on libvcs

vcspull - synchronize your repos. built on libvcs Manage your commonly used repos from YAML / JSON manifest(s). Compare to myrepos. Great if you use t

python utilities for version control 200 Dec 20, 2022
Pykeeb - A small Python script that prints out currently connected keyboards

pykeeb 🐍 ⌨️ A small Python script that detects and prints out currently connect

Jordan Duabe 1 May 08, 2022
PKU team for 2021 project 'Guangchangwu detection'.

PKU team for 2021 project 'Guangchangwu detection'.

Helin Wang 3 Feb 21, 2022
Rufus port to linux, writed on Python3

Rufus-for-Linux Rufus port to linux, writed on Python3 ΠŸΡ€ΠΎΠ³Ρ€Π°ΠΌΠΌΠ° Π±ΡƒΠ΄Π΅Ρ‚ ΠΈΠΌΠ΅Ρ‚ΡŒ Ρ‚ΠΎΡ‚ ΠΆΠ΅ интСрфСйс Ρ‡Ρ‚ΠΎ ΠΈ ΠΎΡ€ΠΈΠ³ΠΈΠ½Π°Π», ΠΈ Ρ‚ΠΎΡ‚ ΠΆΠ΅ Ρ„ΡƒΠ½ΠΊΡ†ΠΈΠΎΠ½Π°Π». ΠŸΡ€ΠΎΠ³Ρ€Π°ΠΌΠΌΠ° создаСтся

6 Jan 07, 2022
A simple armature retargeting tool for Blender

Simple-Retarget-Tool-Blender A simple armature retargeting tool for Blender Update V2: Set Rest Pose to easily apply rest pose. Preset Import/Export.

Fahad Hasan Pathik 74 Jan 04, 2023
An universal linux port of deezer, supporting both Flatpak and AppImage

Deezer for linux This repo is an UNOFFICIAL linux port of the official windows-only Deezer app. Being based on the windows app, it allows downloading

AurΓ©lien Hamy 154 Jan 06, 2023
Tethered downgrade 64-bit iDevices vulnerable to checkm8

ra1nstorm Tethered downgrade 64-bit iDevices vulnerable to checkm8 Since the purpose of this tool is to tethered downgrade a device, after restoring p

mini_exploit 65 Nov 08, 2022
automate some stuff so I can be more noob

dota automate some stuff so I can be more noob This is a simple project, but one that I've wanted forever! I use pyautogui, time, smtplib and datetime

Aaron Allen 17 Oct 18, 2022
Neogex is a human readable parser standard, being implemented in Python

Neogex (New Expressions) Parsing Standard Much like Regex, Neogex allows for string parsing and validation based on a set of requirements. Unlike Rege

Seamus Donnellan 1 Dec 17, 2021
A collection of examples of using cocotb for functional verification of VHDL designs with GHDL.

At the moment, this repo is in an early state and serves as a learning tool for me. So it contains a a lot of quirks and code which can be done much better by cocotb-professionals.

T. Meissner 7 Mar 10, 2022