IQTLabs / packet_cafe

Related projects ⓘ

Alternatives and complementary repositories for packet_cafe

• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆83Updated 5 years ago
• NSkelsey / aaalm
  Generate network maps from packet captures
  ☆30Updated 5 years ago
• DynamiteAI / dynamite-nsm
  DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…
  ☆164Updated last year
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 4 years ago
• ccdcoe / CDMCS
  Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
  ☆100Updated 5 months ago
• rocknsm / docket
  A RESTful API frontend for Stenographer
  ☆55Updated last year
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆121Updated 3 years ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆144Updated 8 months ago
• google / GiftStick
  1-Click push forensics evidence to the cloud
  ☆139Updated 4 months ago
• D4-project / passive-ssh
  A Passive SSH back-end and scanner.
  ☆102Updated 5 months ago
• D4-project / d4-core
  D4 core software (server and sample sensor client)
  ☆43Updated 10 months ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆258Updated last year
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆91Updated 3 years ago
• DCSO / balboa
  server for indexing and querying passive DNS observations
  ☆44Updated 10 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 weeks ago
• corelight / json-streaming-logs
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆28Updated 11 months ago
• DevoInc / pCraft
  pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.
  ☆89Updated 7 months ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆84Updated 2 months ago
• IQTLabs / pcapplot
  PCAPPlot provides a quick visual snapshot, or thumbnail, of a network packet capture (PCAP file) from the perspective of a single host/de…
  ☆16Updated 3 years ago
• att / docker-forensics
  Tools to assist in forensicating docker
  ☆80Updated last month
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆184Updated last year
• sttor / awesome-osquery
  Osquery Resources
  ☆59Updated 5 years ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆96Updated 5 months ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆123Updated 2 months ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆104Updated 6 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• CptOfEvilMinions / ChooseYourSIEMAdventure
  ☆17Updated 2 years ago
• assafmo / xioc
  Extract indicators of compromise from text, including "escaped" ones.
  ☆161Updated 4 years ago
• AUCR / AUCR
  Analyst Unknown Cyber Range - a micro web service framework
  ☆26Updated last year
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆28Updated 4 years ago