Pinned Repositories
azure-ece-recipe
Azure ECE deployment of machines with a Load Balancer
azure-logstash
Load-balanced Logstash deployment in Azure
azure-logstash-noLB
Logstash 'cluster' in an Availability Set, but with no load balancer
azure-quickstart-templates
Azure Quickstart Templates
IOCextractor
IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files.
LogGenerator
Log generator in Ruby
moloch
Moloch is an open source large scale IPv4 full PCAP capturing, indexing and database system.
moloch-tools
for when you mess things up to an obscene degree
nyx
Threat Intelligence distribution
quickIR
Auxiliary scripts for Incident Response with ELK
paulpc's Repositories
paulpc/moloch
Moloch is an open source large scale IPv4 full PCAP capturing, indexing and database system.
paulpc/azure-automation
Automation scripts for Azure security
paulpc/elasticon2019
tools and scripts from our talk
paulpc/Logstash-output-to-Azure-Blob
Plugin to send Logstash output to Azure blob
paulpc/moloch-wise
Docker scripts to generate images for Moloch WISE from the code on git
paulpc/azure-event-hubs-python
Python client library for Azure Event Hubs
paulpc/azure-functions-python-samples
Azure Functions Python Sample Codes
paulpc/azure-iot-device-ecosystem
Documentation for Azure IoT Device Ecosystem
paulpc/azure-storage-ruby
Microsoft Azure Storage Library for Ruby
paulpc/Azure-Transit-VNet
Azure security with VM-Series in a hub-and-spoke architecture
paulpc/Azure_RiskReports_to_syslog
Retrieve Microsoft Azure identity risk events from the Microsoft Graph API and send them out to a destination server via TCP over syslog
paulpc/azureTransitVNETokCloudSummit
Repos for demonstrating the Transit VNET concepts in the Cloud Summit
paulpc/babyPCdesk
ongoing Arduino project for Baby PCs Desk
paulpc/cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
paulpc/cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
paulpc/ecs
Elastic Common Schema
paulpc/gscript
framework to rapidly implement custom droppers for all three major operating systems
paulpc/gscripts
A repo full of example gscripts
paulpc/HELK
The Hunting ELK
paulpc/Ignite2019
Templates and auxiliary materials for the presentation at Palo Alto Ignite 2019
paulpc/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
paulpc/microsoft-teams-faqplusplus-app
A friendly FAQ bot that answers questions and connects you to experts
paulpc/O365_Audit_logs_to_Syslog
PowerShell scripts to poll the Microsoft Audit API for specific workloads and send the logs to a destination over TCP
paulpc/pre-commit.com
paulpc/python-o365
A simple python library to interact with Microsoft Graph and Office 365 API. Docs: https://o365.github.io/python-o365.
paulpc/python-systemd
Python wrappers for systemd functionality
paulpc/rita
Real Intelligence Threat Analytics
paulpc/ShowMeThePackets
Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course (https://www.sans.org/course/intrusion-detection-in-depth)
paulpc/Team11
paulpc/WindowsLogging
Auxiliary materials for IWS talk