StamusNetworks / suricata-analytics
☆25Updated 9 months ago
Related projects: ⓘ
- The Security Analyst’s Guide to Suricata☆49Updated 3 months ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Updated 3 weeks ago
- ☆43Updated 2 years ago
- Zeek support for Community ID flow hashing.☆32Updated last year
- Run zeek with zeekctl in docker☆46Updated last week
- Zeek Training Materials/Products☆34Updated 10 months ago
- Learn about a network from a pcap file or reading from an interface☆26Updated 5 months ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆37Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- Log4j Exploit Detection Logic for Zeek☆18Updated 4 months ago
- Dockerized Zeek☆10Updated 6 months ago
- The FASTEST way to consume threat intel.☆62Updated last year
- Cleanup of older MISP events can require some work until now☆22Updated last year
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆47Updated this week
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆60Updated 4 months ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆27Updated 9 months ago
- Integrate Zeek with Alienvault OTX☆24Updated 4 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆61Updated last year
- ☆34Updated 3 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆82Updated this week
- A Spicy protocol analyzer for WireGuard☆27Updated 4 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 3 years ago
- Zeek Auxiliary Programs☆26Updated 2 weeks ago
- txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between th…☆21Updated 2 weeks ago
- Zeek plugin to generate data on per-packet sizes and intervals☆13Updated 4 years ago
- MineMeld nodes for MISP☆18Updated 7 months ago