    Repositories list

    • cbinterface

      Public archive
      command line tool for interfacing with multiple carbonblack environments to perform analysis and live response functions
      Python
      Apache License 2.0
      5550 Updated Mar 15, 2021
    • sipwhitelist

      Public archive
      Library that interacts with SIP to build an indicator whitelist system.
      Python
      Apache License 2.0
      3000 Updated Jan 3, 2020
    • o365_log_fetch

      Public archive
      Tool to fetch and log O365 Management Activity API logs in a SIEM-friendly json format.
      Python
      Apache License 2.0
      4331 Updated Nov 20, 2019
    • iCrt

      Public archive
      Windows C# Gui Implementation of the Carbon Black Response feature set.
      C#
      Apache License 2.0
      2100 Updated Oct 9, 2019
    • eventsentry

      Public archive
      A suite of tools that parses intel from phish, sandbox reports, and other artifacts to create analyst-friendly wiki writeups.
      Python
      Apache License 2.0
      2500 Updated Sep 16, 2019
    • ACE

      Public archive
      Analysis Correlation Engine
      Python
      Apache License 2.0
      1026400 Updated Sep 8, 2019
    • phishfry

      Public archive
      python library for removal of emails
      Python
      Other
      3010 Updated Aug 23, 2019
    • SIP

      Public archive
      Simple Intel Platform
      Python
      GNU General Public License v3.0
      2410 Updated Aug 13, 2019
    • RotL

      Public archive
      Python
      2100 Updated Jun 25, 2019
    • sipit

      Public archive
      command line interface for adding indicators and querying different aspects of SIP
      Python
      Apache License 2.0
      4000 Updated Jun 19, 2019
    • pysip

      Public archive
      A thin wrapper around requests to interact with the Simple Intel Platform (SIP).
      Python
      Apache License 2.0
      1200 Updated Jun 4, 2019
    • splunk_hunter

      Public archive
      A daemon to execute splunk searches and create ACE alerts based on the results.
      Python
      Apache License 2.0
      1210 Updated Apr 24, 2019
    • getitintocrits

      Public archive
      Python
      Apache License 2.0
      1100 Updated Apr 17, 2019
    • elk_hunter

      Public archive
      A daemon to execute ElasticSearch queries and create ACE alerts based on the results.
      Python
      Apache License 2.0
      2200 Updated Apr 11, 2019
    • 2500 Updated Mar 25, 2019
    • netskope_log_fetcher

      Public archive
      Script to pull down netskope logs.
      Python
      Apache License 2.0
      5231 Updated Feb 28, 2019
    • alb_cert_update

      Public archive
      Python
      1000 Updated Feb 19, 2019
    • yogger

      Public archive
      Python
      1100 Updated Feb 18, 2019
    • exchangelib

      Public archive
      Python client for Microsoft Exchange Web Services (EWS)
      Python
      BSD 2-Clause "Simplified" License
      245001 Updated Feb 13, 2019
    • yara_scanner

      Public archive
      A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara.
      Python
      Apache License 2.0
      6110 Updated Jan 30, 2019
    • cloudphishlib

      Public archive
      simple library for common ACE cloudphish engine calls
      Python
      Apache License 2.0
      2000 Updated Jan 29, 2019
    • json-inspect

      Public archive
      An experimental tool to compare and flatten JSON-formatted logs for SIEM ingestion.
      Python
      Apache License 2.0
      2210 Updated Jan 17, 2019
    • velocloud_logs

      Public archive
      A script that pulls logs down from the Velocloud Orchestrator to be ingested by a SIEM.
      Python
      3100 Updated Nov 27, 2018
    • critswhitelist

      Public archive
      Python library that interacts with CRITS to build an indicator whitelist system.
      Python
      Apache License 2.0
      1000 Updated Nov 14, 2018
    • critsapi

      Public archive
      Python
      Apache License 2.0
      1100 Updated Aug 30, 2018
    • splunklib

      Public archive
      A simple library for performing splunk search automation.
      Python
      Apache License 2.0
      3120 Updated Aug 23, 2018
    • crits_splunk_detect

      Public archive
      operationalize your indicators of compromise, and send alerts/matches to ACE
      Python
      Apache License 2.0
      1100 Updated Aug 9, 2018
    • crits_exports

      Public archive
      export crits data to yara, ssdeep, and csv/splunk lookup table formats
      Python
      Apache License 2.0
      0000 Updated Aug 6, 2018
    • url_click

      Public archive
      A script for submitting urls seen on the carbonblack command line to cloudphish
      Python
      Apache License 2.0
      2000 Updated Aug 6, 2018
    • otx2crits

      Public archive
      Subscribe to Alienvault OTX feeds and automatically import them into CRITs events
      Python
      Apache License 2.0
      1200 Updated Aug 6, 2018