├── README.md ├── active-responses ├── README.md ├── disable-account-win.cmd ├── lnx-isolation.sh ├── ports-scan.py ├── remove-file-fim.cmd ├── remove-file-vt.cmd └── win-isolation.cmd ├── alrt.py ├── elastic-dump.sh ├── monitor-cluster.py ├── reindex.sh ├── template-fileds ├── README.md └── fields-manager.py ├── tools ├── archives-analyzer.py ├── db-remove.sh ├── remove-old-indices │ ├── README.md │ ├── remove-old-indices.py │ └── remove-old-indices.yaml ├── upload_s3 │ ├── README.md │ └── logs-backup-s3.py ├── wazuh-injector.py ├── wazuh2sql │ ├── README.md │ ├── wazuh2sql.py │ └── wazuh2sql_conf.yaml └── windows-events │ ├── Event-Converter.ps1 │ └── win-event-generator.py ├── wazuh-integrations ├── Jira │ ├── README.md │ └── custom-jira.py ├── ServiceNow │ └── custom-servicenow.py ├── Splunk │ ├── README.md │ └── custom-splunk-integration.py ├── TheHive │ ├── README.md │ ├── custom-thehive-extended.py │ └── custom-thehive-simple.py ├── custom-email-html │ ├── README.md │ └── custom-email-html.py ├── elastic-reports │ ├── README.md │ └── custom-elastic-reports.py └── malwareBazaar │ ├── README.md │ ├── custom-malwareBazaar │ └── malwareBazaar_rules.xml └── wodle-commands ├── disks-usage-tool ├── README.md └── disks-tool.py ├── get-confluence-logs └── get-confluence-logs.py ├── get-jira-logs ├── README.md └── get-jira-logs.py ├── github-ent-logs └── github-ent-api.py ├── groups-inventory ├── README.md └── groups-inventory.py ├── imperva-logs ├── README.md ├── imperva-api.py └── imperva_config_api.txt ├── jumpcloud-logs └── get-jumpcloud-logs.py ├── sca-reports-snow ├── README.md └── sca-reports.py ├── sca-reports-thehive ├── README.md └── sca-reports-thehive.py ├── vd-reports-thehive ├── README.md └── vd-reports-thehive.py └── win-defender ├── README.md └── win-defender-api.py /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/README.md -------------------------------------------------------------------------------- /active-responses/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/README.md -------------------------------------------------------------------------------- /active-responses/disable-account-win.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/disable-account-win.cmd -------------------------------------------------------------------------------- /active-responses/lnx-isolation.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/lnx-isolation.sh -------------------------------------------------------------------------------- /active-responses/ports-scan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/ports-scan.py -------------------------------------------------------------------------------- /active-responses/remove-file-fim.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/remove-file-fim.cmd -------------------------------------------------------------------------------- /active-responses/remove-file-vt.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/remove-file-vt.cmd -------------------------------------------------------------------------------- /active-responses/win-isolation.cmd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/active-responses/win-isolation.cmd -------------------------------------------------------------------------------- /alrt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/alrt.py -------------------------------------------------------------------------------- /elastic-dump.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/elastic-dump.sh -------------------------------------------------------------------------------- /monitor-cluster.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/monitor-cluster.py -------------------------------------------------------------------------------- /reindex.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/reindex.sh -------------------------------------------------------------------------------- /template-fileds/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/template-fileds/README.md -------------------------------------------------------------------------------- /template-fileds/fields-manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/template-fileds/fields-manager.py -------------------------------------------------------------------------------- /tools/archives-analyzer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/archives-analyzer.py -------------------------------------------------------------------------------- /tools/db-remove.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/db-remove.sh -------------------------------------------------------------------------------- /tools/remove-old-indices/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/remove-old-indices/README.md -------------------------------------------------------------------------------- /tools/remove-old-indices/remove-old-indices.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/remove-old-indices/remove-old-indices.py -------------------------------------------------------------------------------- /tools/remove-old-indices/remove-old-indices.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/remove-old-indices/remove-old-indices.yaml -------------------------------------------------------------------------------- /tools/upload_s3/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/upload_s3/README.md -------------------------------------------------------------------------------- /tools/upload_s3/logs-backup-s3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/upload_s3/logs-backup-s3.py -------------------------------------------------------------------------------- /tools/wazuh-injector.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/wazuh-injector.py -------------------------------------------------------------------------------- /tools/wazuh2sql/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/wazuh2sql/README.md -------------------------------------------------------------------------------- /tools/wazuh2sql/wazuh2sql.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/wazuh2sql/wazuh2sql.py -------------------------------------------------------------------------------- /tools/wazuh2sql/wazuh2sql_conf.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/wazuh2sql/wazuh2sql_conf.yaml -------------------------------------------------------------------------------- /tools/windows-events/Event-Converter.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/windows-events/Event-Converter.ps1 -------------------------------------------------------------------------------- /tools/windows-events/win-event-generator.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/tools/windows-events/win-event-generator.py -------------------------------------------------------------------------------- /wazuh-integrations/Jira/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/Jira/README.md -------------------------------------------------------------------------------- /wazuh-integrations/Jira/custom-jira.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/Jira/custom-jira.py -------------------------------------------------------------------------------- /wazuh-integrations/ServiceNow/custom-servicenow.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/ServiceNow/custom-servicenow.py -------------------------------------------------------------------------------- /wazuh-integrations/Splunk/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/Splunk/README.md -------------------------------------------------------------------------------- /wazuh-integrations/Splunk/custom-splunk-integration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/Splunk/custom-splunk-integration.py -------------------------------------------------------------------------------- /wazuh-integrations/TheHive/README.md: -------------------------------------------------------------------------------- 1 | # TheHive Integration 2 | -------------------------------------------------------------------------------- /wazuh-integrations/TheHive/custom-thehive-extended.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/TheHive/custom-thehive-extended.py -------------------------------------------------------------------------------- /wazuh-integrations/TheHive/custom-thehive-simple.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/TheHive/custom-thehive-simple.py -------------------------------------------------------------------------------- /wazuh-integrations/custom-email-html/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/custom-email-html/README.md -------------------------------------------------------------------------------- /wazuh-integrations/custom-email-html/custom-email-html.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/custom-email-html/custom-email-html.py -------------------------------------------------------------------------------- /wazuh-integrations/elastic-reports/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/elastic-reports/README.md -------------------------------------------------------------------------------- /wazuh-integrations/elastic-reports/custom-elastic-reports.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/elastic-reports/custom-elastic-reports.py -------------------------------------------------------------------------------- /wazuh-integrations/malwareBazaar/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/malwareBazaar/README.md -------------------------------------------------------------------------------- /wazuh-integrations/malwareBazaar/custom-malwareBazaar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/malwareBazaar/custom-malwareBazaar -------------------------------------------------------------------------------- /wazuh-integrations/malwareBazaar/malwareBazaar_rules.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wazuh-integrations/malwareBazaar/malwareBazaar_rules.xml -------------------------------------------------------------------------------- /wodle-commands/disks-usage-tool/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/disks-usage-tool/README.md -------------------------------------------------------------------------------- /wodle-commands/disks-usage-tool/disks-tool.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/disks-usage-tool/disks-tool.py -------------------------------------------------------------------------------- /wodle-commands/get-confluence-logs/get-confluence-logs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/get-confluence-logs/get-confluence-logs.py -------------------------------------------------------------------------------- /wodle-commands/get-jira-logs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/get-jira-logs/README.md -------------------------------------------------------------------------------- /wodle-commands/get-jira-logs/get-jira-logs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/get-jira-logs/get-jira-logs.py -------------------------------------------------------------------------------- /wodle-commands/github-ent-logs/github-ent-api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/github-ent-logs/github-ent-api.py -------------------------------------------------------------------------------- /wodle-commands/groups-inventory/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/groups-inventory/README.md -------------------------------------------------------------------------------- /wodle-commands/groups-inventory/groups-inventory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/groups-inventory/groups-inventory.py -------------------------------------------------------------------------------- /wodle-commands/imperva-logs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/imperva-logs/README.md -------------------------------------------------------------------------------- /wodle-commands/imperva-logs/imperva-api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/imperva-logs/imperva-api.py -------------------------------------------------------------------------------- /wodle-commands/imperva-logs/imperva_config_api.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/imperva-logs/imperva_config_api.txt -------------------------------------------------------------------------------- /wodle-commands/jumpcloud-logs/get-jumpcloud-logs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/jumpcloud-logs/get-jumpcloud-logs.py -------------------------------------------------------------------------------- /wodle-commands/sca-reports-snow/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/sca-reports-snow/README.md -------------------------------------------------------------------------------- /wodle-commands/sca-reports-snow/sca-reports.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/sca-reports-snow/sca-reports.py -------------------------------------------------------------------------------- /wodle-commands/sca-reports-thehive/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/sca-reports-thehive/README.md -------------------------------------------------------------------------------- /wodle-commands/sca-reports-thehive/sca-reports-thehive.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/sca-reports-thehive/sca-reports-thehive.py -------------------------------------------------------------------------------- /wodle-commands/vd-reports-thehive/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/vd-reports-thehive/README.md -------------------------------------------------------------------------------- /wodle-commands/vd-reports-thehive/vd-reports-thehive.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/vd-reports-thehive/vd-reports-thehive.py -------------------------------------------------------------------------------- /wodle-commands/win-defender/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/win-defender/README.md -------------------------------------------------------------------------------- /wodle-commands/win-defender/win-defender-api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dariommr/scripts/HEAD/wodle-commands/win-defender/win-defender-api.py --------------------------------------------------------------------------------