Skip to content
Change the repository type filter

All

    Repositories list

    • Library and command line tool for interacting with Carbon Black environments.
      Python
      Apache License 2.0
      1600Updated Sep 12, 2024Sep 12, 2024
    • Python library for finding and validating URLs in documents and arbitrary data
      Python
      Apache License 2.0
      5110Updated Jan 19, 2023Jan 19, 2023
    • A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional capabilities.
      Python
      Apache License 2.0
      81811Updated Dec 8, 2022Dec 8, 2022
    • lerc

      Public
      A client to help with live response activities
      Python
      Apache License 2.0
      2091Updated Dec 8, 2022Dec 8, 2022
    • Python client library and command line tool for the Falcon Sandbox API
      Python
      Apache License 2.0
      1000Updated Dec 2, 2022Dec 2, 2022
    • A suite of tools that parses intel from phish, sandbox reports, and other artifacts to create analyst-friendly wiki writeups.
      Python
      Apache License 2.0
      2000Updated May 8, 2022May 8, 2022
    • Python
      Apache License 2.0
      0000Updated Apr 13, 2022Apr 13, 2022
    • ACE

      Public archive
      Analysis Correlation Engine
      Python
      Apache License 2.0
      924180Updated Feb 8, 2022Feb 8, 2022
    • Library that interacts with SIP to build an indicator whitelist system.
      Python
      Apache License 2.0
      4000Updated Mar 31, 2021Mar 31, 2021
    • sipit

      Public
      command line interface for adding indicators and querying different aspects of SIP
      Python
      Apache License 2.0
      4000Updated Mar 31, 2020Mar 31, 2020
    • phishfry

      Public
      python library for removal of emails
      Python
      Other
      3010Updated Jan 3, 2020Jan 3, 2020
    • iCrt

      Public
      Windows C# Gui Implementation of the Carbon Black Response feature set.
      C#
      Apache License 2.0
      2000Updated Oct 9, 2019Oct 9, 2019
    • export indicators of compromise into yara format or csv (interfaces with crits and sip)
      Python
      Apache License 2.0
      0100Updated Aug 27, 2019Aug 27, 2019
    • operationalize your indicators of compromise, and send alerts/matches to ACE
      Python
      Apache License 2.0
      1100Updated Aug 27, 2019Aug 27, 2019
    • SIP

      Public
      Simple Intel Platform
      Python
      GNU General Public License v3.0
      3030Updated Aug 13, 2019Aug 13, 2019
    • Tool to fetch and log O365 Management Activity API logs in a SIEM-friendly json format.
      Python
      Apache License 2.0
      4000Updated Jul 9, 2019Jul 9, 2019
    • RotL

      Public
      Python
      2000Updated Jun 25, 2019Jun 25, 2019
    • pysip

      Public
      A thin wrapper around requests to interact with the Simple Intel Platform (SIP).
      Python
      Apache License 2.0
      2000Updated Jun 4, 2019Jun 4, 2019
    • A daemon to execute splunk searches and create ACE alerts based on the results.
      Python
      Apache License 2.0
      1000Updated Apr 24, 2019Apr 24, 2019
    • Python
      Apache License 2.0
      1000Updated Apr 17, 2019Apr 17, 2019
    • A daemon to execute ElasticSearch queries and create ACE alerts based on the results.
      Python
      Apache License 2.0
      2100Updated Apr 11, 2019Apr 11, 2019
    • 2000Updated Mar 25, 2019Mar 25, 2019
    • Script to pull down netskope logs.
      Python
      Apache License 2.0
      5010Updated Feb 28, 2019Feb 28, 2019
    • Python
      1000Updated Feb 19, 2019Feb 19, 2019
    • yogger

      Public
      Python
      1000Updated Feb 18, 2019Feb 18, 2019
    • Python client for Microsoft Exchange Web Services (EWS)
      Python
      BSD 2-Clause "Simplified" License
      248000Updated Feb 13, 2019Feb 13, 2019
    • simple library for common ACE cloudphish engine calls
      Python
      Apache License 2.0
      2000Updated Jan 29, 2019Jan 29, 2019
    • An experimental tool to compare and flatten JSON-formatted logs for SIEM ingestion.
      Python
      Apache License 2.0
      2000Updated Jan 17, 2019Jan 17, 2019
    • A script that pulls logs down from the Velocloud Orchestrator to be ingested by a SIEM.
      Python
      3000Updated Nov 27, 2018Nov 27, 2018
    • Python library that interacts with CRITS to build an indicator whitelist system.
      Python
      Apache License 2.0
      1000Updated Nov 14, 2018Nov 14, 2018