python-apps

python-apps copied to clipboard

sigma, emailrepio, yara etc. Surricata / snort things

frikky

Right now, each app just runs once, before killing the container. The goal of this issue is to make sure a container can be re-used, and a max amount of...

frikky

Not using all the input fields according to: https://ptb.discord.com/channels/747075026288902237/747110765609222158/867062401039859762

frikky

Add more security-related actions and functionality

2

- [ ] CIDR contains IP - [ ] Is item datatype X? (Use available observable types in TheHive/MISP)

frikky

improve/fix filter_list action in shuffle-tools

3

I'm doing some test with some nested list that requires some filtering and I'm having some issue. The first issue is that json.loads fails to parse valid json (eg. one...

dadokkio

Create IAM apps

3

Apps related to identity access management go here. TBD!

frikky

RE: This chat: https://ptb.discordapp.com/channels/747075026288902237/747813673577218063/834508705247789096 Issue is in here somewhere: https://github.com/frikky/Shuffle-apps/blob/d15aaf02ac1747254d5c4ed335b95350f8d0c27c/email/1.0.0/src/app.py

frikky

McAfee EDR AND AV

1

https://www.mcafee.com/enterprise/en-us/products/endpoint-security.html #23

frikky

Fix Splunk integration

1

This already exists here https://github.com/frikky/Shuffle-apps/tree/master/splunk/1.0.0 Requires verification and updates according to https://github.com/frikky/Shuffle-apps/issues/21

frikky

Create Sigma translator app

9

Create an app that can take a ruleset and translate it before running automation towards a SIEM, using Sigma: https://github.com/SigmaHQ/sigma Example actions: - Take input of a Sigma file OR...

frikky