activecm / sniffer-template

Related projects: ⓘ

• activecm / pcap-stats
  Learn about a network from a pcap file or reading from an interface
  ☆26Updated 5 months ago
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆46Updated last week
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• activecm / devprof
  Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
  ☆16Updated 4 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆66Updated last year
• corelight / threat-hunting-guide
  ☆43Updated 2 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆43Updated last year
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆62Updated last year
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆73Updated 4 years ago
• zeek / zeek-aux
  Zeek Auxiliary Programs
  ☆26Updated 2 weeks ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆39Updated 11 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• Security-Onion-Solutions / securityonion-docs
  ☆84Updated last week
• teamdfir / volatility-plugins-community
  Volatility plugins developed and maintained by the community
  ☆21Updated 6 years ago
• mayhemiclabs / weblabyrinth
  A system that creates a bogus web structure to entrap and delay web scanners
  ☆52Updated 3 years ago
• da667 / AutoMISP
  automate your MISP installs
  ☆66Updated 4 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆22Updated 3 years ago
• adhdproject / honeyports
  a port made of honey for blocking people
  ☆11Updated 4 years ago
• santiago-bassett / Alienvault-Demo_scripts
  Scripts to inject demo data and network traffic into an existing Alienvault/OSSIM installation
  ☆22Updated 7 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆40Updated this week
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆34Updated 2 years ago
• MarkBaggett / reassembler
  Scapy packet fragment reassembly engines
  ☆34Updated 3 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• sans-blue-team / sec530-wiki
  ☆51Updated 3 years ago
• securitydistractions / elastimispstash
  ☆29Updated 3 years ago
• wagga40 / Mitre2Datatables
  Bring Your Own Mitre Att&ck © Matrix !
  ☆13Updated 11 months ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 5 months ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• cmu-sei / topgen
  Scripts to generate an Internet simulation
  ☆34Updated last month
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆37Updated 2 years ago