A cross-platform desktop GUI tool that helps security analysts build and customize threat hunting queries for platforms like QRadar, Elastic and Defender.
A simple Python script that generates platform-specific queries (e.g., AQL, Elasticsearch, Defender) from input lists of IP addresses, domain names, or file hashes to identify the first point of contact.
Another recon tool to quickly perform reconnaissance on a target in an organized fashion.
This tool helps analysts quickly identify rules related to a particular service (e.g., Apache Kylin, MySQL) by scanning the msg field in alert definitions in rule sets for intrusion detection systems like Suricata and Snort.
This Python tool analyzes and classifies Suricata rules by detecting key signature types such as hex patterns, string matches, PCREs, and file hashes.