geeleesa's starred repositories
concordance
Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.
Microsoft-365-Defender-Hunting-Queries
Sample queries for Advanced hunting in Microsoft 365 Defender
ibm.qradar
IBM QRadar Ansible Collection
vmware.vmware_rest
Ansible Collection for VMware (REST modules)
community.docker
Community Docker Collection for Ansible: modules and plugins for working with Docker
community.aws
Ansible Collection for Community AWS
google.cloud
GCP Ansible Collection https://galaxy.ansible.com/google/cloud
api-samples
Sample code that uses QRadar APIs
RTS-Queries
Practical Orientation Of MVISION EDR Query Language
mvision-edr-activity-feed
A command line tool to consume and subscribe to DXL events from MVISION EDR
mysql-audit
AUDIT Plugin for MySQL. See wiki and readme for description. If you find the plugin useful, please star us on GitHub. We love stars and it's a great way to show your feedback.
cb-threatexchange-connector
Carbon Black - Facebook Threat Exchange Connector
cb-airgap-feed
Import Cb Collective Defense Cloud Intelligence Feeds to air-gapped VMware Carbon Black EDR servers
cbc-binary-toolkit
Binary Toolkit for the Carbon Black Cloud
intellij-rpmspec
An IntelliJ plugin for RPM SPEC file support
cbc-syslog
Syslog Connector for the Carbon Black Cloud
cb-event-forwarder
Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.
cb-lastline-connector
Carbon Black - LastLine Binary Detonation Connector
cb-threatconnect-connector
VMware Carbon Black EDR - ThreatConnect Threat Intelligence Connector.
cb-taxii-connector
Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.
carbon-black-cloud-sdk-python
VMware Carbon Black Cloud Python SDK