DevoInc / pCraft
pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.
☆89Updated 5 months ago
Related projects: ⓘ
- SEC599 supporting GitHub repository☆14Updated 5 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 3 years ago
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- ☆31Updated 10 months ago
- This is a logon script used to detect the theft of credentials by tools such as Mimikatz☆116Updated 9 years ago
- All the IOC's I have gathered which are used directly involved coronavirus / covid-19 / SARS-CoV-2 cyber attack campaigns☆65Updated 3 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆106Updated 4 years ago
- Aktaion is a machine learning open source & active defense (orchestration) prototype. The tool focuses on the detection of exploits based…☆47Updated last year
- ☆44Updated this week
- Mitre Att&ck Technique Emulation☆82Updated 5 years ago
- Security Monitoring Resolution Categories☆138Updated 2 years ago
- The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.☆25Updated 5 years ago
- A collection of typical false positive indicators☆54Updated 3 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆41Updated 8 years ago
- Cisco Implant Raspberry Controlled Operations☆50Updated last year
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆59Updated 9 months ago
- An ELK environment containing interesting security datasets.☆131Updated 4 years ago
- A repo to document API functions mapped to security events across diverse platforms☆74Updated 4 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆134Updated 2 years ago
- Resolvn Threat Hunting Virtual Machine☆135Updated 5 years ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components☆107Updated 3 years ago
- PowerShell No Agent Hunting☆107Updated 6 years ago
- misp-cloud - Cloud-ready images of MISP☆70Updated 2 years ago
- A Splunk app with saved reports derived from Sigma rules☆72Updated 6 years ago
- ☆23Updated 4 years ago
- Prepare, Hunt, and Respond - Conceptual model against cyber attacks by JYVSECTEC☆60Updated 2 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆86Updated 2 years ago
- ☆35Updated this week
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- Automatically create YARA rules from malicious documents.☆207Updated 2 years ago