H & A Security Solutions

VulnWhisperer

Create actionable data from your Vulnerability Scans

Logstash

Contains Logstash related content including tons of Logstash configurations

Presentations

LogCampaign

Provides detection capabilities and log conversion to evtx or syslog capabilities

elastic_stack

Update-VMs

Snapshot, patch, health-check, and potentially roll-back Windows VMs

flare

An analytical framework for network traffic and behavioral analytics

elastic-ilm

Alternative Index Lifecycle Management decoupled from Elastic with more granularity

Sysmon-Manager

This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler

TacticalDataHandlingatScalewithLogstash

Contains log samples and configuration files for the Tactical Data Handling at Scale with Logstash course

WECComputerGroupMgmt

zeek_to_cuckoo

Contains a python script and service file for sending Zeek extracted files to Cuckoo Sandbox

PCAPProcessor

This repo provides a sample PowerShell script to process folders of PCAPs against zeek and suricata for SIEM analysis

tld_pattern_calculator

YoutubeContent

SmartHomeSecurityIntegrations

Scripts

SID_Translation

Converts Snort GPL and ET rules into csv format for Logstash Translation

VulnWhisperer-tests

vector

A high-performance observability data pipeline.