activecm / pcap-stats
Learn about a network from a pcap file or reading from an interface
☆27Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for pcap-stats
- ☆46Updated 2 years ago
- Template for building a packet sniffer☆14Updated 7 months ago
- ☆34Updated 3 years ago
- Incident Response Network Tools☆23Updated 3 years ago
- Run zeek with zeekctl in docker☆49Updated last month
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- Converting data from services like Censys and Shodan to a common data model☆48Updated 2 months ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆83Updated 3 weeks ago
- Volatility plugins developed and maintained by the community☆21Updated last month
- ☆31Updated 2 weeks ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 7 months ago
- Passive OS detection based on SYN packets without Transmitting any Data☆45Updated last year
- CSIRT Jump Bag☆27Updated 6 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆25Updated 7 months ago
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆30Updated 10 months ago
- Corelight@Home script☆40Updated last year
- Wrap any binary into a cached webserver☆53Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆38Updated 2 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆66Updated last year
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated last month
- automate your MISP installs☆66Updated 4 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Updated 8 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Collection of scripts provided for public use☆31Updated 3 weeks ago