thehive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Cortex: a Powerful Observable Analysis and Active Response Engine

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

ThePhish: an automated phishing email analysis tool

A knowledge base of actionable Incident Response techniques

Documentation of TheHive

Cortex Analyzers Repository

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Python API Client for TheHive

This project is a SIEM with SIRP and Threat Intel, all in one.

Threat Feed Aggregation, Made Easy

All-in-one bundle of MISP, TheHive and Cortex

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform

Docker configurations for TheHive, Cortex and 3rd party tools

🌊 Dockerfiles for apps I use. Also take a look at https://github.com/security-dockerfiles

This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py.

Python script to automatically create sigma rules from The hive observables

This is a python tool aiming to make using TheHive webhooks easier.

Standalone Shodan feeder for TheHive

A repository to share contributions related to TheHive Project

Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform

DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform

This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.

Checks observables/ioc in TheHive/Cortex against the MISP warningslists

Crowdstrike Falcon streaming api client in python

EmailScanner is an integration application in python that uses `exchangelib` to process mail items in Microsoft exchange.

Script for automatically create a case in The Hive and start Cortex analyzers adapted to fit the observables.