DanielSchwartz1 / SplunkForPCAP
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which will show you:
- The Top Talker IPs, Protocols, VLANs, Conversations
- Detailed overview about IP Conversations, Packet L…
☆43 · Updated last year
Alternatives and similar repositories for SplunkForPCAP
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
- WebUI of MineMeld ☆43 · Updated 2 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Updated 6 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs ☆69 · Updated 3 years ago
- A website and framework for testing NIDS detection ☆57 · Updated 3 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) ☆66 · Updated 7 years ago
- Snorpy is a Python script that gives a GUI interface to help those new to Snort create rules. ☆63 · Updated 10 months ago
- Security Onion Elastic Stack ☆46 · Updated 4 years ago
- Exports MISP events to STIX and ingest into McAfee ESM ☆15 · Updated 5 years ago
- The Bro/Zeek language cheat sheet ☆52 · Updated 12 years ago
- Bro scripts for the ROCK platform. http://rocknsm.io ☆34 · Updated 2 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails. ☆69 · Updated last year
- A collection of notebooks built for defensive and offensive operations. ☆77 · Updated 4 years ago
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals. ☆106 · Updated 6 years ago
- A RESTful API frontend for Stenographer ☆54 · Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch ☆19 · Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… ☆94 · Updated 2 years ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration ☆37 · Updated 9 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting ☆87 · Updated 3 years ago
- Wireshark plugin to display Suricata analysis info ☆95 · Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK ☆71 · Updated 4 years ago
- This program exports MITRE ATT&CK framework in ELK dashboard ☆79 · Updated 2 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings ☆121 · Updated 4 years ago
- Zeek support for Community ID flow hashing. ☆36 · Updated 2 years ago
- Presentation Slides and Video links ☆32 · Updated 3 years ago
- automate your MISP installs ☆68 · Updated 5 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆102 · Updated last week
- Integrate Zeek with Alienvault OTX ☆25 · Updated 4 years ago