activecm / pcap-stats
Learn about a network from a pcap file or reading from an interface
☆27Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for pcap-stats
- Template for building a packet sniffer☆14Updated 7 months ago
- ☆34Updated 3 years ago
- ☆46Updated 2 years ago
- Incident Response Network Tools☆23Updated 3 years ago
- Volatility plugins developed and maintained by the community☆21Updated 2 months ago
- Corelight@Home script☆40Updated last year
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆56Updated 2 months ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Log4j Exploit Detection Logic for Zeek☆19Updated 6 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- My Jupyter Notebooks☆36Updated 7 months ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 8 months ago
- ☆31Updated last month
- CSIRT Jump Bag☆27Updated 7 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆19Updated 3 months ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- CyCAT.org API back-end server including crawlers☆30Updated last year
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆25Updated 8 months ago
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- The FASTEST way to consume threat intel.☆64Updated last year
- automate your MISP installs☆66Updated 4 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆15Updated 8 years ago
- Passive OS detection based on SYN packets without Transmitting any Data☆45Updated last year
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- ☆29Updated 3 years ago
- A Spicy protocol analyzer for WireGuard☆28Updated 4 years ago