WireLurkerDetector

Script for detecting the WireLurker malware family

ansible-pan

Ansible modules for Palo Alto Networks NGFWs

pan-os-python

The PAN-OS SDK for Python is a package to help interact with Palo Alto Networks devices (including physical and virtualized Next-generation Firewalls and Panorama). The pan-os-python SDK is object oriented and mimics the traditional interaction with the device via the GUI or CLI/API.

minemeld-core

Engine of MineMeld

iron-skillet

IronSkillet is a set of day-one configuration templates for PAN-OS to enable alignment with security best practices. See the Quick Start section below to get started using the template configurations.

terraform-templates

This repo contains Terraform templates to deploy infrastructure on AWS and Azure and to secure them using the Palo Alto Networks Next Generation Firewalls

azure

VM-Series ARM Templates for Microsoft Azure

Splunk-Apps

Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.

pan-os-ansible

Ansible collection for PAN-OS

aws

VM-Series for Amazon Web Services

aws-transit-vpc

automated AWS transit vpc

minemeld-node-prototypes

Prototypes for MineMeld nodes

TransitGatewayDeployment

Creates a Transit Gateway with two server VPCs and a security VPC

pan-cortex-data-lake-python

Python idiomatic SDK for Cortex™ Data Lake.

pan-fca

Flexible Cloud Automation

report_to_misp

Parse a report and import the events into MISP

autofocus-lenz

A command line utility to aid in using autofocus for IR and research

Prisma-Enhanced-Remediation

Create custom auto-remediation solutions using serverless functions in the cloud.

evident-automation

Evident Security Platform Automation

minemeld-misp

MineMeld nodes for MISP

autofocus-client-library

A python client library for interfacing with the autofocus rest services

pan-stix

pan-stix

Azure-Transit-VNet

Azure security with VM-Series in a hub-and-spoke architecture

Splunk_TA_paloalto

The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.

SafeNetworking

Read only mirror. To contribute or submit issues, please go to the website link --->

misp-to-autofocus

Script for pulling events from a MISP database and converting them to Autofocus queries.

gcp-two-tier

VM-Series templates for Google Cloud Platform

pyjarm

pyJARM is a library for doing JARM fingerprinting using python

panos-bootstrapper-ui

PAN-OS Bootstrapper UI provides a simple, example web-UI that consumes the PAN-OS Bootstrapper utility API.

panos-bootstrapper

A Utility to bootstrap a new PAN-OS NGFW. This utility provides an API only. An example web interface is provided here: https://github.com/PaloAltoNetworks/panos-bootstrapper-ui

appframeworklab

Next Generation Firewall AWS Lab

Splunk-App-Data-Generator

Sample data generator for the Splunk for Palo Alto Networks app.

ciscoise-miner

Cisco ISE session miner using pxGrid bulk download REST API

youtube-miner

MineMeld Miner for Youtube channels

PrismaCloud_TF_BulkOnboarding_and_AWS_Orgs

PAN_DUG

Dynamic User Group code for Palo Alto Networks devices

ignite2018-how16

repo for ignite 2018 hand on lab

XFF-to-User-ID-mapping

This solution maps XFF header source IP to User-ID allowing for blocking malicious sources when the VM-Series is behind a device that performs source NAT such as a load balancer.

pan-python-tools

A collection of utilities that users of pan-python might find useful

PrismaCloud-Serverless-Syslog

Prisma Cloud serverless function that can accept webhook and send alerts to syslog, S3, and SQS

HomeSkillet

Simple 2-zone internet gateway configuration for home use

microsoft_azure_virtual_wan

Implements the automation and integration framework to work with Azure Virtual WAN's and PANW to create VPN connections.

Intel-Framework

Intel Importer

alert_tags_acctgrp

Prisma Cloud alert csv output plus tags and account group names

minemeld-msgraph-secapi

MineMeld nodes for Microsoft Graph Security API

redlock-automation

gridmeld

Cisco ISE pxGrid to Palo Alto Networks MineMeld Gateway

pan-tort

pan_guard_duty

minemeld-taxii-ng

New TAXII Miner for MineMeld

GCP-AutoScaling

Google Cloud Auto Scaling Available Now

PrismaCFNOnboarding

Cloudformation Script to onboard accounts to Redlock

SkilletBuilder

Docs and tutorial for Skillet template building

azure-vm-monitoring

azure-new-v2

aws-elbhelper

Very targeted script that allows update of the FW NAT rules based on the dynamic AWS' ELB VIP changes

tcpsession

A python library to extract TCP sessions from PCAPs.

custom-imaging

Create custom VM-Series images on public cloud with upgraded PanOS, Plugin and Content versions

skilletlib

Tools and base classes for working with Skillets. Issues and feature requests are tracked here: https://gitlab.com/panw-gse/as/skilletlib/-/issues

vistoq

MSSP Demo Portal - Art of the Possible

pan-cnc

CNC: Chevy's, not Cadillacs. Rapid UI prototyping for all Palo Alto Networks WWSE demos and pocs.

pan_nlb_v1

This is the V1 (CFT) template to deploy an NLB architecture to AWS.

firebreak-box

firebreak: Fight fire with WildFire

prisma-cloud-ansible

Ansible collection for Prisma Cloud

aws_security_hub

Integration of IOC from AWS Security Hub with the VM-Series Firewall

minemeld-prisma-access

Miner for Prisma Access API

K12Skillet

The K-12 Skillet is indented for K-12 educational deployment configuration of the Palo Alto Networks NGFW

ansible-role-spatula

This Ansible role applies security best practice templates to Palo Alto Networks devices.

pan_aws_security_hub

This implementation integrates the AWS Security Hub insights and makes it actionable on the VM-Series FW.

minemeld-wd-atp

MineMeld nodes for MSFT WD ATP API

wildcardip-miner

MineMeld Miner extension to expand IPv4 wildcards into list of corresponding CDIR's

AzureNSG

Update Azure NSG to quarantine hosts based upon trigger from FW threat log

minemeld-cef

MineMeld Output node for CEF format

SyncServiceNow

A proof of concept to demonstrate synchronization of server assets and their attributes from ServiceNow into registered IP tags and dynamic address groups on a Palo Alto Networks next-generation firewall.

host-defender-token-refresher

pcs-alert-rpt-email

Generates alert report via email - reporting on top risks in last 24 hrs, top high risks and all risks, then breakdown by account. Also top 5 policies by count.

GSP490

Qwiklab- Palo Alto Networks VM-Series Firewall: Securing the GKE Perimeter

prismacloud_sqs_to_syslog

PrismaCloud-AcctGrps-Labels

panos-logging-skillets

Suite of helper skillets and playbooks to simplify and validate Cortex Data Lake deployments

Prisma_Cloud_AWS_Onboard

AccountGroupUpdate

skillet_ansible

Ansible collection for Skillets

autoscale

VM-Series AutoScale Qwiklab

panw-gse.skillets

Ansible roles and libraries for working with PAN-OS, Panorama, and Pan-Validation Skillets

onboard_aws_prisma

rl_export_policies

Script for exporting RedLock policies and their associated RQL into a CSV output file.

ansible-role-vmware-dagger

An Ansible role that synchronizes VMware vCenter virtual machine IP addresses and tags with PAN-OS.

pan-tort-source

Source code for using Autofocus (and other applications) to discern hash coverage of known and unknown artifacts.

nuage-connector

minemeld-threatconnect

MineMeld extension for ThreatConnect

APIC-EPG-DAG-Update

Script to read learned Cisco APIC EPG Endpoints and update PANW dynamic address groups.

AWSSG

Update AWS SG to quarantine hosts based upon trigger from FW threat log Edit Add topics

nsx-ngfw-version-match

Upgrade all NSX-based VM-1000-HV firewalls to the same version

cfn-vm-series-helper-demo

demo demo