🦝 OpenAPI plugin for generating API reference docs in Docusaurus v2.
503 ★
Script for detecting the WireLurker malware family
413 ★
Main MineMeld documentation repo
375 ★
Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
321 ★
The PAN-OS SDK for Python is a package to help interact with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The pan-os-python SDK is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.
Ansible modules for Palo Alto Networks NGFWs
226 ★
IronSkillet is a set of day-one configuration templates for PAN-OS to enable alignment with security best practices. See the Quick Start section below to get started using the template configurations.
188 ★
Ansible collection for easy automation of Palo Alto Networks next generation firewalls and Panorama, in both physical and virtual form factors.
186 ★
This repo contains Terraform templates to deploy infrastructure on AWS and Azure and to secure them using the Palo Alto Networks Next Generation Firewalls
143 ★
Engine of MineMeld
140 ★
Sample playbooks for the Palo Alto Networks Ansible modules.
118 ★
VM-Series ARM Templates for Microsoft Azure
105 ★
PCS Policies Release Notice
98 ★
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
96 ★
IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)
92 ★
Terraform Panos provider
83 ★
A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat intelligence.
82 ★
Prisma Cloud docs
78 ★
VM-Series for Amazon Web Services
74 ★
Postman collections for Prisma Cloud
66 ★
Framework and utilities to easily manage and edit Palo Alto Network PANOS devices
62 ★
Auto Scaling VM-Series firewalls in AWS
58 ★
A collection of technical and sales resources related to Prisma Cloud Compute and Prisma Cloud Enterprise created for the PANW Channel Partner Ecosystem and other engineers working with the solution
57 ★
Terraform PrismaCloud provider
54 ★
pango is the underlying library for the Palo Alto Networks Terraform provider
53 ★
Prisma Cloud utility scripts, and a Python SDK for Prisma Cloud APIs.
52 ★
This repository contains CFT and TF templates for deploying VM-Series Firewalls behind AWS Gateway Load Balancer
Create custom auto-remediation solutions using serverless functions in the cloud.
50 ★
Terraform Reusable Modules for VM-Series on Azure
49 ★
pyJARM is a library for doing JARM fingerprinting using python
48 ★
Ansible playbook for installing MineMeld on Linux
Test whether a container environment is vulnerable to container escapes via CVE-2022-0492
46 ★
43 ★
GitHub action to scan container images with Palo Alto Networks' Prisma Cloud
42 ★
WebUI of MineMeld
Prisma Cloud sizing scripts
41 ★
Python idiomatic SDK for Cortex™ Data Lake.
Terraform Reusable Modules for VM-Series on AWS
40 ★
Panhandler is a tool to manage config snippets and Skillets for PAN-OS devices
automated AWS transit vpc
Prototypes for MineMeld nodes
37 ★
Creates a Transit Gateway with two server VPCs and a security VPC
35 ★
The Prisma Cloud CLI is a command line interface for Prisma Cloud by Palo Alto Networks.
34 ★
Repository for Palo Alto Networks Kubernetes Security - CN Series.
32 ★
Palo Alto Networks for Developers
Example scripts, snippets, and other documents related to Prisma Cloud Compute
31 ★
A set of best practices to be followed when contributing to the Palo Alto Networks terraform modules
Palo Alto Networks Reference Architectures
28 ★
Parse a report and import the events into MISP
Evident Security Platform Custom Signatures Samples
Flexible Cloud Automation
27 ★
Certificate generation made easy
Scale out security for web deployments using VM-Series firewalls and Azure Application Gateway web load balancer
26 ★
Go library to build an API server based on an Elemental model
25 ★
A command line utility to aid in using autofocus for IR and research
Terraform provider for Prisma Cloud Compute
23 ★
Materials for PS Regional Training AWS lab
22 ★
Aporeto API (Elemental model)
Azure security with VM-Series in a hub-and-spoke architecture
19 ★
MineMeld nodes for MISP
VM-Series Firewalls on OpenStack
The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
A python client library for interfacing with the autofocus rest services
pan-stix
The home of Developer docs for Prisma by Palo Alto Networks
18 ★
Regolithe Specifications + Dev Tools
Azure autoscaling solution using VMSS
17 ★
A python library to extract TCP sessions from PCAPs.
16 ★
Terraform Reusable Modules for VM-Series on Google Cloud Platform (GCP)
This repository is deprecated
Simple mtls HTTPs proxy to use as a sidecar for protecting non critical services
DevSecOps with Prisma Cloud
15 ★
A set of Terraform plans for deploying a Kubernetes cluster protected by a CN-Series containerize firewall
Official Palo Alto Networks MineMeld docker
Introduction to Terraform and Ansible
Go library implementing the Regolithe specifications as Elemental model
Prisma Cloud SDK in Go
14 ★
A collection of pre-installed tools commonly used with Palo Alto Networks products packaged as a Docker container
Go library to perform CRUD operations on an Elemental model with multiple backend implementations
Unit 42 repository hosting packet captures (pcaps) for our series of Wireshark tutorials
13 ★
This repo is for deploying CN-series firewall using Helm Package Manager for Kubernetes
Prisma Cloud serverless function that can accept webhook and send alerts to syslog, S3, and SQS
Multi-Cloud Security Automation Lab
wsc is a library that allows to interact with web sockets using channels.
AWS ALB Sandwich with VM-Series
Script for pulling events from a MISP database and converting them to Autofocus queries.
The Terraform provider for the Palo Alto Networks AWS cloud NGFW
12 ★
A Utility to bootstrap a new PAN-OS NGFW. This utility provides an API only. An example web interface is provided here: https://github.com/PaloAltoNetworks/panos-bootstrapper-ui
Migrate Panorama or Local PANOS config to Strata Cloud Manager
11 ★
Python3 API toolkit for Prisma Cloud APIs
CIS benchmark quickplay for rapid assessments of the NGFW
Infrastructure as Code lab using Terraform and GCP
Terraform provider for Prisma Cloud
Read only mirror. To contribute or submit issues, please go to the website link --->
VM-Series templates for Google Cloud Platform
MineMeld Miner for Youtube channels
Sample data generator for the Splunk for Palo Alto Networks app.
PAN-OS Bootstrapper UI provides a simple, example web-UI that consumes the PAN-OS Bootstrapper utility API.
10 ★
Azure Load Balancer and HA Combined Deployment for Faster Failover with no API Calls
9 ★
PAN-OS® for Developers site
Simple 2-zone internet gateway configuration for home use
Palo Alto Networks Application Framework NodeJS SDK
Implements the automation and integration framework to work with Azure Virtual WAN's and PANW to create VPN connections.
Tool to check for PANOS Devices with Certificates that will expire on 12-31-23
8 ★
PAN-OS Upgrade Assurance package code
Auth As A Service
Suite of skillets for initial Prisma Access deployment and configuration
Skillets is the default holding place for useful Panhandler skillets. These are usually smaller one-off bits that may not require their own repository. Feel free to add to this repository with your own Skillets via a PR.
This Azure HA Template Allows Launching an Additional VM-Series into a Resource Group.
Utils is a package that contains various shared utilities tools for Aporeto micro services
Repository for Cortex XDR and Cortex XSIAM XQL queries and more!
7 ★
Tool to migration Prisma Cloud Compute Consoles through the use of the Prisma Cloud API
Golang Integration Tests Library
Python interface to the Palo Alto Networks Threat Vault API
A set of tutorials to learn how to automate various Prisma Cloud tasks.
This Terraform Module creates a PAN-OS bootstrap package in an AWS S3 bucket to be used for bootstrapping Palo Alto Networks VM-Series virtual firewall instances.
Tools and base classes for working with Skillets. Issues and feature requests are tracked here: https://gitlab.com/panw-gse/as/skilletlib/-/issues
Google Cloud Auto Scaling Available Now
Cloudformation Script to onboard accounts to Redlock
This repo contains a lab which demonstrates the use of the Palo Alto Networks Security adapter for Istio
Simple server to handle OIDC flow
This solution maps XFF header source IP to User-ID allowing for blocking malicious sources when the VM-Series is behind a device that performs source NAT such as a load balancer.
Phoenix is a library based on bahamut to build hook servers.
Cisco ISE session miner using pxGrid bulk download REST API
A collection of utilities that users of pan-python might find useful
Terraform Reusable Modules for Software Firewalls on AWS
6 ★
Build & secure a Google Cloud hub-and-spoke architecture with VM-Series.
Prerequisites Lab for Palo Alto Networks Professional Service Public Cloud Workshop
Docusaurus template for bootstrapping with docusaurus-openapi-docs
QwikLab setup scripts for Palo Alto Networks Cloud NGFW lab
Python client to retrieve prisma access IP Addresses from API
Template for deploying Palo Alto VM Series FW with Azure Gateway Load Balancer
Windows package for framework PAN-OS-PHP
VM-Series Advanced Deployment for GCP Qwiklab
Docs and tutorial for Skillet template building
Dynamic User Group code for Palo Alto Networks devices
repo for ignite 2018 hand on lab
go client for Midgard authentication
The Terraform provider for Strata Cloud Manager
5 ★
A python framework to use the Prisma Access API to configure Cloud Managed
Prisma SASE SDK
Splunk app for ingesting Prisma Cloud Compute incidents and forensics
Prisma Cloud Compute SDK in Go
Ansible playbook to license the NGFW, install content updates, and install the required software version
Terraform Modules for Palo Alto Networks PAN-OS based Platforms
SD-WAN configuration templates
Prisma Cloud alert csv output plus tags and account group names
GlobalProtect Quick Configs
Sample Terraform template for deploying VM-Series on Oracle Cloud Infrastructure
Azure VM-Series options including differing interfaces
Intel Importer
Terraform modules that leverage the Palo Alto Networks Prisma SASE Terraform Provider
4 ★
Reusable workflows for Terraform Modules code repositories.
Qwiklab setup scripts for deploy Zero Trust lab with Palo Alto Networks VM-Series Firewall
Reading large amounts of log files is difficult. These Sublime Text files help highlight events in the log files.
Prisma Cloud monitoring and metrics
Cloud Formation template to deploy and manage the Cloud NGFW on AWS.
Policy-as-code automation for Prisma Cloud Code Security and Bridgecrew.
Python SDK for Cortex™ Xpanse
set of configuration, validation, and scripts for IoT deployment and traffic generation
Create custom VM-Series images on public cloud with upgraded PanOS, Plugin and Content versions
A hands-on lab showing how to use the PAN-OS Ansible modules.
Ansible collection for Prisma Cloud
Qwiklab-Prisma Cloud Compute: Securing GKE Run Time
Detect and respond to attacks in AWS by sending packets to VM-Series without putting the firewall inline
MineMeld nodes for Microsoft Graph Security API
Cisco ISE pxGrid to Palo Alto Networks MineMeld Gateway
Palo Alto Networks Device Framework Jupyter Notebook Tutorial
Issue tracking for the Palo Alto Networks Cisco ACI Device Package
Terraform Reusable Modules for Software Firewalls on GCP
3 ★
Kubernetes CronJob to update automatically Prisma Cloud defender DaemonSet in kubernetes clusters.
Learn how to deploy and use Google Cloud Firewall plus, a native Google Cloud service powered by Palo Alto Networks Threat Prevention technologies.
Terraform tutorial detailing how to deploy Active/Passive VM-Series with session sync in Google Cloud.
A Terraform provider for the declarative management of Prisma Cloud Web Application & API Security (WAAS) policies
Coverage tool to get patch coverage details from go cover files.
scripts to query information from a PAN-OS NGFW
PANW VM-Series FW Terraform template for IBM Cloud
Ansible collection for Skillets
Source for the documentation of the Splunk App and Add-on
Integration of IOC from AWS Security Hub with the VM-Series Firewall
Creates a PAN-OS bootstrap package in Microsoft Azure.
The K-12 Skillet is indented for K-12 educational deployment configuration of the Palo Alto Networks NGFW
This Ansible role applies security best practice templates to Palo Alto Networks devices.
A group of custom vulnerability signatures from various authors.
A collection of Example Skillets including terraform, REST, python, and PAN-OS skillets
Partner Security Guidelines for Cortex Apps
This repository contains the various integrations of the Palo Alto Networks Security adapter for Istio
CNC: Chevy's, not Cadillacs. Rapid UI prototyping for all Palo Alto Networks WWSE demos and pocs.
Deploys the VM-Series in Azure into an Availability Zone
New TAXII Miner for MineMeld
a collection of scripts that make PaloAltoNetworks test drive
Very targeted script that allows update of the FW NAT rules based on the dynamic AWS' ELB VIP changes
SCM Modules to support Prisma Access
2 ★
Terraform Reusable Modules for Software Firewalls on Azure
Implements Contrastive Credibility Propagation (CCP) in PyTorch, an iterative semi-supervised learning framework
A repository to store custom policy examples that do not belong as out-of-the-box policies for Code Security.
Aporeto services integration tests library
Python Script for Prisma Cloud CSPM to run RQL queries and record results in a CSV file
Python interface to the Palo Alto Networks IoT Security API
Utilize a CSV list of accounts to see if a list of accounts exists in a Prisma Cloud tenant
SCCA implementation for Palo Alto Networks on Azure
Palo Alto Networks Qwiklabs
Palo Alto Networks PAN-OS Dynamic Address Group (DAG) Tags Module for Network Infrastructure Automation (NIA)
IaC demo using Terraform Cloud
test
Easier go modules developer workflow
Script for exporting Prisma Cloud policies and their associated RQL into a CSV output file.
Repo for ignite how lab
MSSP Demo Portal - Art of the Possible
Application Frameworks OAUTH2 Shared Component implementation as a AWS Lambda Function
This is the V1 (CFT) template to deploy an NLB architecture to AWS.
firebreak: Fight fire with WildFire
An application to have a better visibility on our Git repositories in GitHub Enterprise
1 ★
SDK for Strata Cloud Manager
A Rust implementation of the PAN-OS API.
A simple demo implementation of the Innocent Until Proven Guilty (IUPG) learning framework to train an MNIST classifier with or without noise.
An implementation of the Contrastive Credibility Propagation (CCP) algorithm in Tensorflow. Includes all the code needed to recreate the CIFAR-10 and CIFAR-100 experiments in the paper.
Prisma Cloud Compute API management of compute collections.
This is the repository for indicators of compromise (IOCs) and other data for threat intelligence articles posted on the Palo Alto Networks Unit 42 website.
Prisma Cloud API management of Cloud Accounts, specifically around agentless.
XSOAR Content for managing the PAN-OS Upgrade process.
Test skeleton with Terratest for VM-Series modules
This repository is for automating the deployment of a hybrid multi cloud environment using terraform.
Terraform provider for SASE API
This utility queries the firewall and out provides information on Unused rules.
Qwiklab setup scripts for deploy Zero Trust lab with Palo Alto Networks CN-Series Firewall
A lightweight utility to tag Sanctioned applications on Palo Alto Networks Firewalls.
Code repository for simulator test harness for scale testing
Proxy application for ingesting into Azure sentinel from Cortex Data Lake
This is the underlying SDK library for a Terraform provider
A demonstration of using the Wildfire API to scan files uploaded to a Google Cloud Storage bucket to determine if they are malicious or benign.
Status monitoring for our family of pan.dev sites
CNS Customer repository
IronSkillet sub-snippets used to create loadable configurations as playlists that may only use select configuration elements
Fork of David Spears TGW-GWLB demo to use with CloudShare
PANW Panorama Terraform template for IBM Cloud deployments
Modified version of the CN-Series-Helm Repo. This will only create 1 MP.
For use with AWS HA Improvements
CN-Series Qwiklab
NodeJS / Javascript / TypeScript language binding for the XDR PRO API
This Terraform Module creates a PAN-OS bootstrap package in a Google Cloud Storage bucket.
Signatures for Palo Alto Networks to detect improperly hardened servers
A PassportJS strategy for Palo Alto Networks Cortex
This repository contains squid proxy patch to make it work with the decryption broker feature. This repo also has a brief documentation about how to make squid proxy work with decryption broker feature in order to send traffic to an ICAP server for inspection.
Cortex® for Developers
Miner for Prisma Access API
Default community health files for all Palo Alto Networks public repositories
Reports and tools for performing various assessments
Code for Black Hat Projects
Deploys k8s cluster, VM-Series for N/S and E/W inspection and guides the use of the Prisma Cloud API scan of Manifest
Onboarding and configuration skillets for GPCS
Azure Kubernetes Service Security Solution
This repo contains the configuration files to build and deploy the Palo Alto Networks Istio adapter into the GCP/Kubernetes market place
Mobile configuration templates to create logging for safenetworking
An Ansible role that synchronizes VMware vCenter virtual machine IP addresses and tags with PAN-OS.
This implementation integrates the AWS Security Hub insights and makes it actionable on the VM-Series FW.
MineMeld nodes for MSFT WD ATP API
This repo contains Terraform templates to deploy a PAN VM-Series FW into GCP.
This repo enables you to perform cloud automation demos using Terraform or Ansible
MineMeld Miner extension to expand IPv4 wildcards into list of corresponding CDIR's
MineMeld Output node for CEF format
A proof of concept to demonstrate synchronization of server assets and their attributes from ServiceNow into registered IP tags and dynamic address groups on a Palo Alto Networks next-generation firewall.
0 ★
Preload Trusted CA Intermediate Certificate Chains on PAN-OS
Dialout code for openconfig plugin (running on panOS devices)
Script to calculate average time it takes for an Alert to move from Open status to Resolved status.
Defender auto-deploy using K8S service account docs.
The pcs-inspect.py script queries the Prisma Cloud API for all enabled Policies and for all Alerts within a Relative Time Range (with a default of one month) for a Tenant
This template deploys two VM-Series firewalls in HA with HAVIP in one Availability Zone (AZ) and a single firewall in another AZ. Failover is controlled by a Function Compute script
Gathers information from PANW automation GitHub repos to build documentation for pan.dev
Secure many VPC networks using VM-Series within the Google Cloud multi-hub and spoke design.
Scripts to run async RQL queries
Simple script to dismiss alerts from a supplied CSV file.
PC CNS Firewall Models
Python3 tool for automatically dismissing alerts in Prisma Cloud for a deleted cloud account
Helm Charts for Cortex XDR
SDK for interacting with Secure Access Edge Service
Prisma Cloud Tenant Locator Script
Public repository providing Expedition updates. APT repository
This script will run RQL search and take the results and format them into CSV (based on current CSV output on Investigate page)
API resources exposed by the aggregated-apiserver
This repo is for deploying CN-series firewall using Helm Package Manager for Kubernetes in IBM Cloud
This template deploys two VM-Series firewalls in a Load-Balancer Sandwich architecture in Alibaba Cloud using the VM-Series (10.0.3 or 11.0.0) images on Alibaba Cloud Marketplace
In PAN-OS 8.1.2, Palo Alto introduced additional threat logging that is enabled with an OP/CLI command. This application is a tool that allows you to enable the feature on multiple firewalls directly or through Panorama.
Qwiklab- Palo Alto Networks VM-Series Firewall: Securing the GKE Perimeter
Prisma Cloud SQS poller to syslog
Suite of helper skillets and playbooks to simplify and validate Cortex Data Lake deployments
Auto Launch templates for Azure HA
VM-Series AutoScale Qwiklab
Resources for World Wide Public Sector customers
A docker image to reload Splunk apps on changes during Splunk app development
Palo Alto Networks Cortex hub client library
Palo Alto Networks Cortex Data Lake client library
Ansible roles and libraries for working with PAN-OS, Panorama, and Pan-Validation Skillets
Kafka exporter based on events exporter code
testing traffic
repeatable jinja templates for mssp services
An Ansible role for deploying the Palo Alto Networks Traps agent
Source code for using Autofocus (and other applications) to discern hash coverage of known and unknown artifacts.
Multi-Cloud Automation HOW
FQDN Serverless Service
Sample template for deploying VM-Series for AzureStack
PAN Cloud Python SDK Tutorial
Packer and Ansible project to build an automation utility vm
MineMeld extension for ThreatConnect
Script to read learned Cisco APIC EPG Endpoints and update PANW dynamic address groups.
Update AWS SG to quarantine hosts based upon trigger from FW threat log Edit Add topics
Networking Scripts
Upgrade all NSX-based VM-1000-HV firewalls to the same version
demo demo