Javierop20 / joy2ja3

Related projects ⓘ

Alternatives and complementary repositories for joy2ja3

• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆26Updated 4 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• DCSO / MISP-dockerized
  ☆33Updated 4 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆95Updated 4 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 7 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 4 years ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 5 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆37Updated last year
• SMAPPER / NXLog-AutoConfig
  ☆48Updated 4 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆60Updated 11 months ago
• sfakiana / FIRST-CTI-2019
  References for FIRST CTI 2019 Symposium presentation
  ☆23Updated 5 years ago
• carbonblack / cb-yara-connector
  Analyze binaries collected in VMware Carbon Black EDR against Yara rules.
  ☆36Updated last year
• rkovar / splunk-hunting-helpers
  ☆55Updated 2 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• endgameinc / SANS_THIR16
  SANS Hunting on the Cheap
  ☆35Updated 8 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• stricaud / sightingdb
  SightingDB is a database for Sightings
  ☆21Updated last year
• csirtgadgets / bearded-avenger-deploymentkit
  CIFv3 DeploymentKit
  ☆63Updated 4 years ago
• markjx / search2018
  Tools to search through massive amounts of data
  ☆21Updated last week
• daveherrald / SA-attck_nav
  Splunk App for MITRE Att&CK Navigator(TM)
  ☆23Updated 3 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆76Updated 2 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• S03D4-164 / Hiryu
  IOC Management and Visualization Tool
  ☆47Updated last year
• kx499-zz / ostip
  ☆28Updated 7 years ago
• defensivedepth / Pertinax
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Updated 9 months ago