DanielSchwartz1 / SplunkForPCAPLinks
The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)
☆46Updated last month
Alternatives and similar repositories for SplunkForPCAP
Users that are interested in SplunkForPCAP are comparing it to the libraries listed below
Sorting:
- Security Onion Elastic Stack☆46Updated 5 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 4 years ago
- automate your MISP installs☆68Updated 5 years ago
- Sysmon Splunk App☆47Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 7 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 5 years ago
- Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer☆19Updated 6 years ago
- ☆13Updated 6 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Updated 8 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 4 years ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- The Bro/Zeek language cheat sheet☆53Updated 12 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Updated 2 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Updated 4 years ago
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Updated 2 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆69Updated 4 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆172Updated 2 years ago
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals.☆106Updated 6 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆38Updated 3 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- ☆35Updated 4 years ago
- This program exports MITRE ATT&CK framework in ELK dashboard☆80Updated 3 years ago
- ☆50Updated 5 years ago
- How to Zeek Sysmon Logs!☆103Updated 3 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆55Updated 8 years ago
- ☆37Updated 5 years ago
- Alienvault OTX TAXII connector☆56Updated 8 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year