Recon InfoSec
Managed Detection & Response (MDR) provider serving gov't, enterprise and critical infrastructure
Austin, TX
Pinned Repositories
adversary-emulation-map
Creates an ATT&CK Navigator map of an Adversary Emulation Plan
ansible-graylog-modules
Ansible modules for the Graylog API
ansible-moloch
Deploys all-in-one Elasticsearch & Moloch
ansible-nginx-gen
Generates TCP/UDP stream configuration files for NGINX based on the backend servers and ports provided
ansible-okta-modules
Ansible modules for the Okta API
canaries2thehive
Create alerts in The Hive from your Thinkst Canary alerts, to be turned into Hive cases.
graylog2thehive
Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
rhq
Recon Hunt Queries
sigma-to-elastalert
Ansible playbook to convert Sigma rules to ElastAlert rules
web-traffic-generator
A quick and dirty HTTP/S "organic" traffic generator.
Recon InfoSec's Repositories
ReconInfoSec/web-traffic-generator
A quick and dirty HTTP/S "organic" traffic generator.
ReconInfoSec/rhq
Recon Hunt Queries
ReconInfoSec/ansible-graylog-modules
Ansible modules for the Graylog API
ReconInfoSec/graylog2thehive
Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
ReconInfoSec/ansible-okta-modules
Ansible modules for the Okta API
ReconInfoSec/adversary-emulation-map
Creates an ATT&CK Navigator map of an Adversary Emulation Plan
ReconInfoSec/ansible-nginx-gen
Generates TCP/UDP stream configuration files for NGINX based on the backend servers and ports provided
ReconInfoSec/sigma-to-elastalert
Ansible playbook to convert Sigma rules to ElastAlert rules
ReconInfoSec/ansible-greynoise
Ansible modules for the GreyNoise API
ReconInfoSec/ansible-moloch
Deploys all-in-one Elasticsearch & Moloch
ReconInfoSec/canaries2thehive
Create alerts in The Hive from your Thinkst Canary alerts, to be turned into Hive cases.
ReconInfoSec/query-packs
Ansible role for importing query packs into Kolide (https://kolide.com)
ReconInfoSec/ansible-timesketch-all
Timesketch all-in-one
ReconInfoSec/mailgun2thehive
Simple Python Flask app that runs as a web server and accepts POST requests from your Mailgun routes.
ReconInfoSec/velociraptor-to-timesketch
ReconInfoSec/ansible-canarytokens
Ansible role to deploy canarytokens with Docker
ReconInfoSec/geo-ip-visualization
Visualize Geographic IP address information using Python
ReconInfoSec/png-decrypt
ReconInfoSec/transfer.sh
Easy and fast file sharing from the command-line.
ReconInfoSec/usp-adapters
LimaCharlie Universal Sensor Protocol (USP) Adapters to ingest from various sources.
ReconInfoSec/canarytools
Subset of Thinkst Canary API for Go
ReconInfoSec/Cortex-Analyzers
Cortex Analyzers Repository
ReconInfoSec/cylance-logs
Flask application that integrates with Cylance Protect API and logs the events.
ReconInfoSec/CyPyAPI
Python3 Wrapper for the Cylance API v10
ReconInfoSec/KapeFiles
This repository serves as a place for community created Targets and Modules for use with KAPE.
ReconInfoSec/lce_doc
Documentation for LimaCharlie Enterprise
ReconInfoSec/project-website
The source to opensearch.org
ReconInfoSec/python-limacharlie
Python API for the LimaCharlie.io service.
ReconInfoSec/recon-sublime-cli
A command-line tool and module for the free Sublime Analysis API
ReconInfoSec/slack-c2bot
Slack C2bot that executes commands and returns the output.