Austin's starred repositories
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
misp-galaxy
Clusters and elements to attach to MISP events or attributes (like threat actors)
misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
x_old_misp_docker
MISP Docker (XME edition)
misp-taxonomies
Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.
Website-OSINT
You will find a wealth of resources to help with your Website investigations.
misp-playbooks
MISP Playbooks
misp-objects
Definition, description and relationship types of MISP objects
CVE-2024-29849
Veeam Backup Enterprise Manager Authentication Bypass (CVE-2024-29849)
mail_to_misp
Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
DesktopOrganizerBot
From Scott and Mark's Microsoft Build session where they create this bot to clean Scott's messy desktop.
threat-actor-intelligence-server
A simple ReST server to look up threat actors (by name, synonym or UUID) and return the corresponding MISP galaxy information about the known threat actors.
misp-wireshark
Lua plugin to extract data from Wireshark and convert it into MISP format
PyTaxonomies
Python module to use the MISP Taxonomies
PyMISPWarningLists
Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
misp-website
MISP website (hugo-based)
misp-grafana
A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB
misp-sighting-server
MISP sighting server is a fast sighting server to store and look up sightings on attributes (network indicators, file hashes, system indicators) in a space-efficient way.
misp-airgap
Scripts to deploy and update MISP in air-gapped environments
misp-guard
misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based on a set of customizable block rules.
cti-python-stix2
OASIS TC Open Repository: Python APIs for STIX 2 (MISP Fork)
dockerized_training_environment
A training environment, with docker.
misp-sighting-tools
Tools to support sighting from various sources (e.g. network pcap) to sight attributes in MISP instances
rpi4edgemapdisplay
Buildroot external tree for RPi4 based edgemap image with Hyperpixel 4" display