IQTLabs / packet_cafe
A platform built for easy-to-use automated network traffic analysis
☆59Updated 2 years ago
Alternatives and similar repositories for packet_cafe:
Users that are interested in packet_cafe are comparing it to the libraries listed below
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- A RESTful API frontend for Stenographer☆54Updated 2 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆85Updated 6 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆108Updated 7 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆50Updated 2 weeks ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- Website crawler with YARA detection☆88Updated last year
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆123Updated 3 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated last week
- Generate network maps from packet captures☆31Updated 5 years ago
- D4 core software (server and sample sensor client)☆42Updated last year
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.☆89Updated 11 months ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated 10 months ago
- server for indexing and querying passive DNS observations☆45Updated 2 weeks ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Network Tools☆32Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆261Updated 2 years ago
- Structured Threat Intelligence Graph☆90Updated this week
- A lightweight tool to score network traffic and flag anomalies☆123Updated 7 months ago
- CIF v3 -- the fastest way to consume threat intelligence☆183Updated last year
- Cisco Orbital - Osquery queries by Talos☆131Updated 7 months ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- ☆33Updated 4 years ago
- Provide a shell like interface by utilizing osquery's distributed API☆81Updated 4 years ago
- 1-Click push forensics evidence to the cloud☆142Updated 9 months ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 2 months ago