13 tools and resources
Orochi is a collaborative forensic memory dump analysis framework.
AWS account compliance using centrally managed Config Rules
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
Custom built application for asynchronous forensic data presentation on an Elasticsearch backend, with upcoming features like Docker-based installation and new UI rewrite in React.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A simple Elasticsearch honeypot to catch attackers exploiting RCE vulnerabilities.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.