Script for detecting the WireLurker malware family
413 ★
Ansible modules for Palo Alto Networks NGFWs
197 ★
The PAN-OS SDK for Python is a package to help interact with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The pan-os-python SDK is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.
192 ★
Engine of MineMeld
121 ★
IronSkillet is a set of day-one configuration templates for PAN-OS to enable alignment with security best practices. See the Quick Start section below to get started using the template configurations.
120 ★
This repo contains Terraform templates to deploy infrastructure on AWS and Azure and to secure them using the Palo Alto Networks Next Generation Firewalls
98 ★
VM-Series ARM Templates for Microsoft Azure
75 ★
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
62 ★
Ansible collection for PAN-OS
57 ★
VM-Series for Amazon Web Services
49 ★
automated AWS transit vpc
38 ★
Prototypes for MineMeld nodes
31 ★
Creates a Transit Gateway with two server VPCs and a security VPC
30 ★
Python idiomatic SDK for Cortex™ Data Lake.
29 ★
Flexible Cloud Automation
26 ★
Parse a report and import the events into MISP
24 ★
A command line utility to aid in using autofocus for IR and research
23 ★
Create custom auto-remediation solutions using serverless functions in the cloud.
18 ★
Evident Security Platform Automation
MineMeld nodes for MISP
A python client library for interfacing with the autofocus rest services
pan-stix
Azure security with VM-Series in a hub-and-spoke architecture
16 ★
The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
15 ★
Read only mirror. To contribute or submit issues, please go to the website link --->
12 ★
Script for pulling events from a MISP database and converting them to Autofocus queries.
VM-Series templates for Google Cloud Platform
10 ★
pyJARM is a library for doing JARM fingerprinting using python
9 ★
PAN-OS Bootstrapper UI provides a simple, example web-UI that consumes the PAN-OS Bootstrapper utility API.
8 ★
A Utility to bootstrap a new PAN-OS NGFW. This utility provides an API only. An example web interface is provided here: https://github.com/PaloAltoNetworks/panos-bootstrapper-ui
Next Generation Firewall AWS Lab
Sample data generator for the Splunk for Palo Alto Networks app.
Cisco ISE session miner using pxGrid bulk download REST API
7 ★
MineMeld Miner for Youtube channels
6 ★
Dynamic User Group code for Palo Alto Networks devices
Repo for Ignite 2018 hands-on lab
This solution maps XFF header source IP to User-ID allowing for blocking malicious sources when the VM-Series is behind a device that performs source NAT such as a load balancer.
A collection of utilities that users of pan-python might find useful
Prisma Cloud serverless function that can accept webhook and send alerts to syslog, S3, and SQS
5 ★
Simple 2-zone internet gateway configuration for home use
Implements the automation and integration framework to work with Azure Virtual WANs and PANW to create VPN connections.
Intel Importer
Prisma Cloud alert csv output plus tags and account group names
4 ★
MineMeld nodes for Microsoft Graph Security API
Cisco ISE pxGrid to Palo Alto Networks MineMeld Gateway
New TAXII Miner for MineMeld
Google Cloud Auto Scaling Available Now
3 ★
Cloudformation Script to onboard accounts to Redlock
Docs and tutorial for Skillet template building
Very targeted script that allows update of the FW NAT rules based on the dynamic AWS' ELB VIP changes
A python library to extract TCP sessions from PCAPs.
2 ★
Create custom VM-Series images on public cloud with upgraded PanOS, Plugin and Content versions
Tools and base classes for working with Skillets. Issues and feature requests are tracked here: https://gitlab.com/panw-gse/as/skilletlib/-/issues
MSSP Demo Portal - Art of the Possible
CNC: Chevy's, not Cadillacs. Rapid UI prototyping for all Palo Alto Networks WWSE demos and pocs.
This is the V1 (CFT) template to deploy an NLB architecture to AWS.
firebreak: Fight fire with WildFire
Ansible collection for Prisma Cloud
1 ★
Integration of IOC from AWS Security Hub with the VM-Series Firewall
Miner for Prisma Access API
The K-12 Skillet is intended for K-12 educational deployment configuration of the Palo Alto Networks NGFW
This Ansible role applies security best practice templates to Palo Alto Networks devices.
This implementation integrates the AWS Security Hub insights and makes it actionable on the VM-Series FW.
MineMeld nodes for MSFT WD ATP API
MineMeld Miner extension to expand IPv4 wildcards into a list of corresponding CIDRs
Update Azure NSG to quarantine hosts based upon trigger from FW threat log
MineMeld Output node for CEF format
A proof of concept to demonstrate synchronization of server assets and their attributes from ServiceNow into registered IP tags and dynamic address groups on a Palo Alto Networks next-generation firewall.
0 ★
Generates alert report via email - reporting on top risks in last 24 hrs, top high risks and all risks, then breakdown by account. Also top 5 policies by count.
Qwiklab- Palo Alto Networks VM-Series Firewall: Securing the GKE Perimeter
Suite of helper skillets and playbooks to simplify and validate Cortex Data Lake deployments
Ansible collection for Skillets
VM-Series AutoScale Qwiklab
Ansible roles and libraries for working with PAN-OS, Panorama, and Pan-Validation Skillets
Script for exporting RedLock policies and their associated RQL into a CSV output file.
An Ansible role that synchronizes VMware vCenter virtual machine IP addresses and tags with PAN-OS.
Source code for using Autofocus (and other applications) to discern hash coverage of known and unknown artifacts.
MineMeld extension for ThreatConnect
Script to read learned Cisco APIC EPG Endpoints and update PANW dynamic address groups.
Update AWS SG to quarantine hosts based upon trigger from FW threat log
Upgrade all NSX-based VM-1000-HV firewalls to the same version
demo demo