A collection of scripts for the TheHive (not submitted (yet) to the project)
These scripts are not perfect.. they all work, but would need some futher development.. perhaps
- CANARY2Alert - Push Canary alerts into TheHive
- CVE2Alert - Uses CVE-Search as the base and then searches in one or several vulnerablity managment systems for any "hits"
- RSS2Alert - Keep track of "security" news in the form of TheHive Alerts
- Rapid7 - A Rapid7 analyzer, search for information about a host or IP
- Zscaler Responder - Block offending URL's/Domains in Zscaler (works like a charm), credit goes to Darren Sykes for the orginal version.
- Zscaler Sandbox - Utilize the Zscaler Sandbox to analyse your samples
- Netcraft Responder - When you are done anlyzing a phishing site, report it to Netcraft
-
CIRCL Hashlookup: https://github.com/TheHive-Project/Cortex-Analyzers/tree/master/analyzers/CIRCLHashlookup
-
Triage Sandbox analyzer: https://github.com/TheHive-Project/Cortex-Analyzers/tree/master/analyzers/Triage
-
Cortex Utils - fix for analyzer and Mitm proxies:
TheHive-Project/cortexutils#18 -
Cylance analyzer: TheHive-Project/Cortex-Analyzers#979
-
Zscaler Analyzer: TheHive-Project/Cortex-Analyzers#981 (credit goes to xg5-simon for the orginal version)