Pinned Repositories
ACE
Analysis Correlation Engine
cbinterface2
Library and command line tool for interacting with Carbon Black environments.
ioc_splunk_detect
Operationalize your indicators of compromise and send alerts/matches to ACE.
netskope_log_fetcher
Script to pull down Netskope logs.
o365_log_fetch
Tool to fetch and log O365 Management Activity API logs in a SIEM-friendly JSON format.
otx2crits
Subscribe to AlienVault OTX feeds and automatically import them into CRITs events.
pcap_extract
A simple Python utility to extract a time frame of pcap matching a given BPF from a network sensor that is collecting pcap.
SIP
Simple Intel Platform
urlfinderlib
Python library for finding and validating URLs in documents and arbitrary data
yara_scanner
A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with YARA, with additional capabilities.
ACE Ecosystem's Repositories
ace-ecosystem/ACE
Analysis Correlation Engine
ace-ecosystem/yara_scanner
A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with YARA, with additional capabilities.
ace-ecosystem/cbinterface2
Library and command line tool for interacting with Carbon Black environments.
ace-ecosystem/ioc_splunk_detect
Operationalize your indicators of compromise and send alerts/matches to ACE.
ace-ecosystem/urlfinderlib
Python library for finding and validating URLs in documents and arbitrary data
ace-ecosystem/critswhitelist
Python library that interacts with CRITs to build an indicator whitelist system.
ace-ecosystem/eventsentry
A suite of tools that parses intel from phish, sandbox reports, and other artifacts to create analyst-friendly wiki writeups.
ace-ecosystem/exchangelib
Python client for Microsoft Exchange Web Services (EWS)
ace-ecosystem/getitintocrits
ace-ecosystem/netskope_log_fetcher
Script to pull down Netskope logs.
ace-ecosystem/o365_log_fetch
Tool to fetch and log O365 Management Activity API logs in a SIEM-friendly JSON format.
ace-ecosystem/phishfry
Python library for removal of emails.
ace-ecosystem/SIP
Simple Intel Platform
ace-ecosystem/sipit
Command line interface for adding indicators and querying different aspects of SIP.
ace-ecosystem/splunk_hunter
A daemon to execute Splunk searches and create ACE alerts based on the results.
ace-ecosystem/ace-ecosystem.github.io
ace-ecosystem/ace-hunter
ace-ecosystem/alb_cert_update
ace-ecosystem/cloudphishlib
Simple library for common ACE cloudphish engine calls.
ace-ecosystem/elk_hunter
A daemon to execute Elasticsearch queries and create ACE alerts based on the results.
ace-ecosystem/falcon-sandbox
Python client library and command line tool for the Falcon Sandbox API
ace-ecosystem/iCrt
Windows C# GUI implementation of the Carbon Black Response feature set.
ace-ecosystem/ioc_export
Export indicators of compromise into YARA format or CSV (interfaces with CRITs and SIP).
ace-ecosystem/json-inspect
An experimental tool to compare and flatten JSON-formatted logs for SIEM ingestion.
ace-ecosystem/lerc
A client to help with live response activities
ace-ecosystem/pysip
A thin wrapper around requests to interact with the Simple Intel Platform (SIP).
ace-ecosystem/RotL
ace-ecosystem/sipwhitelist
Library that interacts with SIP to build an indicator whitelist system.
ace-ecosystem/velocloud_logs
A script that pulls logs down from the VeloCloud Orchestrator to be ingested by a SIEM.
ace-ecosystem/yogger