0xxon / zeek-tls-log-alternativeLinks
Zeek scripts that provide an alternative log file logging TLS/SSL traffic
☆12Updated 4 years ago
Alternatives and similar repositories for zeek-tls-log-alternative
Users that are interested in zeek-tls-log-alternative are comparing it to the libraries listed below
Sorting:
- Download pcap files from http://www.malware-traffic-analysis.net/☆81Updated 8 years ago
- pyJARM is a library for doing JARM fingerprinting using python☆50Updated 9 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆38Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK☆73Updated 5 years ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆45Updated last year
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Updated last year
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Updated 3 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆82Updated 5 months ago
- ☆44Updated 3 years ago
- zeek-scripts☆45Updated 7 years ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆128Updated 2 years ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆33Updated last year
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- This module detects HTTP requests that are non RFC compliant and used for smuggling☆12Updated 2 years ago
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆59Updated 5 years ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆161Updated 9 months ago
- Graph Representation of MITRE ATT&CK's CTI data☆51Updated 6 years ago
- 威胁检测规则集☆15Updated 6 years ago
- Repository collecting and automagically processing public threat intelligence reports.☆18Updated 5 years ago
- Exploit funcionales para pruebas de seguridad en entornos industriales☆11Updated 5 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆108Updated 4 years ago
- Explore Indicators of Compromise Automatically☆97Updated 5 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆59Updated 5 years ago
- Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases☆30Updated 8 years ago
- Tools to interact with APTnotes reporting/index.☆108Updated 5 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆102Updated 2 months ago
- A simple way of detecting multithreaded exfiltration in Zeek.☆14Updated 8 months ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated 2 years ago
- Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs …☆75Updated 2 years ago