activecm / pcap-stats

Related projects ⓘ

Alternatives and complementary repositories for pcap-stats

• activecm / sniffer-template
  Template for building a packet sniffer
  ☆14Updated 7 months ago
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• corelight / threat-hunting-guide
  ☆46Updated 2 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆23Updated 3 years ago
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated 2 months ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆40Updated last year
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆34Updated 2 years ago
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆56Updated 2 months ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 2 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• corelight / cve-2021-44228
  Log4j Exploit Detection Logic for Zeek
  ☆19Updated 6 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 7 months ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 8 months ago
• 00010111 / smbtimeline
  ☆31Updated last month
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 7 months ago
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆19Updated 3 months ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆25Updated 8 months ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆64Updated last year
• da667 / AutoMISP
  automate your MISP installs
  ☆66Updated 4 years ago
• sans-blue-team / course_indices
  Indices for courses in SANS' Network Security Operations curriculum
  ☆15Updated 8 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆45Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• securitydistractions / elastimispstash
  ☆29Updated 3 years ago
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆28Updated 4 years ago