H21lab / tsharkVM

Related projects ⓘ

Alternatives and complementary repositories for tsharkVM

• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Updated 3 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆63Updated last month
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 6 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆60Updated 7 months ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• jacopodl / Pulsar
  Data exfiltration and covert communication tool
  ☆36Updated last year
• NVISOsecurity / nviso-cti
  ☆41Updated 7 months ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆25Updated 7 months ago
• MISP / misp-wireshark
  Lua plugin to extract data from Wireshark and convert it into MISP format
  ☆47Updated last year
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆76Updated 3 weeks ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆37Updated last year
• OTRF / openhunt
  ☆33Updated 3 years ago
• Cyb3rWard0g / docker-caldera
  Docker Container to deploy Mitre Caldera Automated Adversary Emulation System
  ☆24Updated 4 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆45Updated last year
• EmergingThreats / log4shell-detection
  ☆12Updated 2 years ago
• nturley3 / zeek-kerberos-haters-guide
  Kerberos Haters Guide to Zeek Threat Hunting
  ☆25Updated 3 years ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• fkie-cad / socbed
  A Self-Contained Open-Source Cyberattack Experimentation Testbed
  ☆35Updated last week
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆29Updated 3 weeks ago
• Security-Onion-Solutions / securityonion-soc
  ☆46Updated this week
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆65Updated 2 years ago
• D4-project / BGP-Ranking
  BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)
  ☆69Updated 4 months ago
• rangercha / tshark_extractor
  python wrapper to use tshark for file extraction from the command line.
  ☆27Updated 5 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 2 years ago