From e94cf97337b62ef3c509634702479584598e82f5 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Tue, 28 Aug 2018 16:44:46 +0200 Subject: [PATCH] chg: [tools] new tool https://github.com/tylabs/dovehawk added --- _pages/tools.md | 1 + 1 file changed, 1 insertion(+) diff --git a/_pages/tools.md b/_pages/tools.md index 9afa771..20470f6 100644 --- a/_pages/tools.md +++ b/_pages/tools.md @@ -84,6 +84,7 @@ For the additional software created by the MISP project, check our [MISP project * [Cuckoo modified](https://github.com/spender-sandbox/cuckoo-modified) - heavily modified version of Cuckoo Sandbox including a [MISP reporting module](https://github.com/spender-sandbox/cuckoo-modified/blob/master/modules/reporting/misp.py) to put the information into a MISP instance. * [cve-search](https://github.com/cve-search) - a tool to perform local searches for known vulnerabilities include a [MISP plug-in](https://github.com/cve-search/Plugins/tree/master/plugins/plugins/MISP). * [DCSO TIE integration](https://github.com/DCSO/tie2misp) - DCSO integration with MISP. +* [Dovehawk Bro Module](https://github.com/tylabs/dovehawk) - Bro+MISP for threat hunting. * [FireMISP](https://github.com/deralexxx/FireMISP) FireEye Alert json files to MISP Malware information sharing platform (Alpha). * [Hybrid analysis](https://www.hybrid-analysis.com/) exports in MISP format. * [IntelMQ](https://github.com/certtools/intelmq) support MISP to retrieve events and update tags.
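Review bot: The description on the added Dovehawk line ("Bro+MISP for threat hunting.") does not say what the module actually does with MISP, while neighbouring entries state the direction of the integration (Cuckoo modified: "to put the information into a MISP instance"; IntelMQ: "to retrieve events and update tags"). Consider expanding it to say which data moves between Bro and MISP, so a reader can tell from the list alone whether the module consumes indicators, reports back to MISP, or both. The placement between the DCSO and FireMISP entries keeps the list alphabetical, and the " - " separator matches the entries above it.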