    Repositories list

    • cbinterface

      Public archive
      command line tool for interfacing with multiple carbonblack environments to perform analysis and live response functions
      Python
      Apache License 2.0
      6550 Updated Mar 15, 2021
    • sipwhitelist

      Public archive
      Library that interacts with SIP to build an indicator whitelist system.
      Python
      Apache License 2.0
      4000 Updated Jan 3, 2020
    • urlfinderlib

      Public archive
      Python library for finding and validating URLs in documents and arbitrary data
      Python
      Apache License 2.0
      5000 Updated Dec 5, 2019
    • o365_log_fetch

      Public archive
      Tool to fetch and log O365 Management Activity API logs in a SIEM-friendly json format.
      Python
      Apache License 2.0
      4331 Updated Nov 20, 2019
    • iCrt

      Public archive
      Windows C# Gui Implementation of the Carbon Black Response feature set.
      C#
      Apache License 2.0
      2100 Updated Oct 9, 2019
    • eventsentry

      Public archive
      A suite of tools that parses intel from phish, sandbox reports, and other artifacts to create analyst-friendly wiki writeups.
      Python
      Apache License 2.0
      2500 Updated Sep 16, 2019
    • ACE

      Public archive
      Analysis Correlation Engine
      Python
      Apache License 2.0
      1026400 Updated Sep 8, 2019
    • phishfry

      Public archive
      python library for removal of emails
      Python
      Other
      3010 Updated Aug 23, 2019
    • SIP

      Public archive
      Simple Intel Platform
      Python
      GNU General Public License v3.0
      3410 Updated Aug 13, 2019
    • RotL

      Public archive
      Python
      2100 Updated Jun 25, 2019
    • sipit

      Public archive
      command line interface for adding indicators and querying different aspects of SIP
      Python
      Apache License 2.0
      4000 Updated Jun 19, 2019
    • pysip

      Public archive
      A thin wrapper around requests to interact with the Simple Intel Platform (SIP).
      Python
      Apache License 2.0
      2300 Updated Jun 4, 2019
    • splunk_hunter

      Public archive
      A daemon to execute splunk searches and create ACE alerts based on the results.
      Python
      Apache License 2.0
      1210 Updated Apr 24, 2019
    • getitintocrits

      Public archive
      Python
      Apache License 2.0
      1100 Updated Apr 17, 2019
    • elk_hunter

      Public archive
      A daemon to execute ElasticSearch queries and create ACE alerts based on the results.
      Python
      Apache License 2.0
      2200 Updated Apr 11, 2019
    • 2500 Updated Mar 25, 2019
    • netskope_log_fetcher

      Public archive
      Script to pull down netskope logs.
      Python
      Apache License 2.0
      5231 Updated Feb 28, 2019
    • alb_cert_update

      Public archive
      Python
      1000 Updated Feb 19, 2019
    • yogger

      Public archive
      Python
      1100 Updated Feb 18, 2019
    • exchangelib

      Public archive
      Python client for Microsoft Exchange Web Services (EWS)
      Python
      BSD 2-Clause "Simplified" License
      248001 Updated Feb 13, 2019
    • yara_scanner

      Public archive
      A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara.
      Python
      Apache License 2.0
      6110 Updated Jan 30, 2019
    • cloudphishlib

      Public archive
      simple library for common ACE cloudphish engine calls
      Python
      Apache License 2.0
      2000 Updated Jan 29, 2019
    • json-inspect

      Public archive
      An experimental tool to compare and flatten JSON-formatted logs for SIEM ingestion.
      Python
      Apache License 2.0
      2210 Updated Jan 17, 2019
    • velocloud_logs

      Public archive
      A script that pulls logs down from the Velocloud Orchestrator to be ingested by a SIEM.
      Python
      3100 Updated Nov 27, 2018
    • critswhitelist

      Public archive
      Python library that interacts with CRITS to build an indicator whitelist system.
      Python
      Apache License 2.0
      1000 Updated Nov 14, 2018
    • critsapi

      Public archive
      Python
      Apache License 2.0
      1100 Updated Aug 30, 2018
    • splunklib

      Public archive
      A simple library for performing splunk search automation.
      Python
      Apache License 2.0
      3120 Updated Aug 23, 2018
    • crits_splunk_detect

      Public archive
      operationalize your indicators of compromise, and send alerts/matches to ACE
      Python
      Apache License 2.0
      1100 Updated Aug 9, 2018
    • crits_exports

      Public archive
      export crits data to yara, ssdeep, and csv/splunk lookup table formats
      Python
      Apache License 2.0
      0000 Updated Aug 6, 2018
    • url_click

      Public archive
      A script for submitting urls seen on the carbonblack command line to cloudphish
      Python
      Apache License 2.0
      2000 Updated Aug 6, 2018