Scott J. Roberts

icon indicating a website link https://sroberts.io

icon location Logan, UT icon location Network Defender, developer, speaker, writer, author of O'Reilly's Intelligence Driven Incident Response, & SANS instructor. Bad guy catcher.

Results 66 issues of Scott J. Roberts

Add link to GoDoc Documentation

It turns out that the repo doesn't contain much in the way of documentation, so I think a prominent link to the docs would be awesome. Adding some examples wouldn't...

Elastic Protections Artifacts

https://github.com/elastic/protections-artifacts

Add executemalware's Malware-IOCs

https://github.com/executemalware/Malware-IOCs

Add HVS-Consulting IOCs

https://github.com/hvs-consulting/ioc_signatures

Add Volexity

https://github.com/volexity/threat-intel

Added ThreatView

1 comment

I've never added a service like ThreatView before. I have mixed feelings about it.

Setup GitHub Workflow & Rake

Add Reversing Labs Yara Rules

Add Enrichment Mode

It would be great if there was a way to pull automated information for all extracted indicators. - VirusTotal - PassiveTotal - etc

enhancement
help wanted

HTTP Server Mode

1 comment

The illustrious @stabbycutyou called out a cool idea that he implimented: ![image](https://user-images.githubusercontent.com/44774/31548955-98d96904-affa-11e7-9185-45dccf8de799.png) Having Cacador as a service could be really useful moving beyond a single system. I'd love to see...

enhancement
help wanted