Spiritbox

Spiritbox is a PowerShell module and Graphical User Interface (GUI) for sending Indicators of Compromise (IOCs) to Elastic.

Below is an example of the JSON documents created by Spiritbox. The fields may change or grow.

{
  "event": {
    "kind": "enrichment",
    "category": "threat",
    "type": "indicator"
  },
  "geo.name": "Ziwa",
  "observer": {
    "type": "Firewall"
  },
  "threat": {
    "marking": {
      "tlp": "GREEN"
    },
    "feed": {
      "name": "Spiritbox",
      "reference": "https://github.com/cyberphor/Spiritbox"
    },
    "tactic": {
      "name": "Reconnaissance"
    },
    "indicator":  {
      "provider": "Weyland-Yutani Corp",
      "last_seen": "2023-03-16T06:38:49.000Z",
      "ip": [
        "1.2.3.4",
        "2.2.2.2",
        "192.168.1.23"
      ],
      "type":  [
        "ipv4-addr"
      ]
    },
    "response": "None"
  }
}

Screenshots

Input Validation

Progress Bar

Progress Bar Error

Copyright

This project is licensed under the terms of the MIT license. The ghost icon was created by Freepik (Flaticon).

Name		Name	Last commit message	Last commit date
Latest commit History 97 Commits
Spiritbox		Spiritbox
screenshots		screenshots
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
Spiritbox.psd1		Spiritbox.psd1
Spiritbox.psm1		Spiritbox.psm1
config.json		config.json
debug.ps1		debug.ps1
ghost.ico		ghost.ico
report-example.json		report-example.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Spiritbox

Screenshots

Copyright

About

Releases

Packages

Languages

License

cyberphor/Spiritbox

Folders and files

Latest commit

History

Repository files navigation

Spiritbox

Screenshots

Copyright

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages