A lightweight tool to score network traffic and flag anomalies
☆123 · Aug 7, 2024 · Updated last year
Alternatives and similar repositories for nfr
Users that are interested in nfr are comparing it to the libraries listed below
- A utility to safely generate malicious network traffic patterns and evaluate controls. ☆1,360 · Apr 4, 2024 · Updated last year
- How to Zeek Sysmon Logs! ☆103 · Feb 12, 2022 · Updated 4 years ago
- This repository contains tools used by 401trg. ☆20 · Apr 14, 2021 · Updated 4 years ago
- PhishDetect is a library to help identify phishing pages ☆108 · May 11, 2023 · Updated 2 years ago
- Quickly generate suricata rules for IOCs ☆28 · Apr 30, 2021 · Updated 4 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs). ☆16 · Dec 19, 2018 · Updated 7 years ago
- Sample data generator for the Splunk for Palo Alto Networks app. ☆12 · Sep 25, 2016 · Updated 9 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware endpoint based on Yara signatures. ☆108 · Mar 13, 2018 · Updated 8 years ago
- Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in… ☆156 · Dec 20, 2019 · Updated 6 years ago
- Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s ☆37 · Jan 8, 2020 · Updated 6 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya… ☆120 · Apr 14, 2021 · Updated 4 years ago
- ☆15 · Aug 8, 2017 · Updated 8 years ago
- An open source framework for enterprise level automated analysis. ☆394 · Jun 27, 2022 · Updated 3 years ago
- Tools for the Computer Incident Response Team ☆150 · Apr 17, 2017 · Updated 8 years ago
- ☆10 · Apr 8, 2018 · Updated 7 years ago
- Bro/Zeek integration with osquery ☆93 · Nov 2, 2020 · Updated 5 years ago
- Providing timelines based on OSINT Reports ☆31 · Jun 21, 2023 · Updated 2 years ago
- Collect autorun records from running system ☆60 · Jan 21, 2022 · Updated 4 years ago
- Bro PCAP Processing and Tagging API ☆28 · Nov 9, 2017 · Updated 8 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt ☆40 · Jun 20, 2023 · Updated 2 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files… ☆73 · Oct 14, 2021 · Updated 4 years ago
- Repository for all cbapi example scripts ☆16 · Sep 18, 2018 · Updated 7 years ago
- ☆12 · Apr 23, 2020 · Updated 5 years ago
- FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network … ☆681 · Oct 28, 2023 · Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Queries to parse sysmon event log file with microsoft logparser ☆58 · Mar 31, 2015 · Updated 10 years ago
- A curated list of awesome cyber civil society actors, projects, etc. ☆10 · Jul 16, 2020 · Updated 5 years ago
- A Maltego transform for VirusTotal Submitter Information ☆36 · May 15, 2019 · Updated 6 years ago
- A mapping of used malware names to commonly known family names ☆63 · Feb 21, 2023 · Updated 3 years ago
- "A Practical Recipe for Hardware Implants" presentation materials. ☆13 · Nov 10, 2020 · Updated 5 years ago
- Automated, Collection, and Enrichment Platform ☆324 · Nov 14, 2019 · Updated 6 years ago
- Suricata rule and intel index ☆33 · Updated this week
- ☆42 · Sep 16, 2022 · Updated 3 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 · Jul 23, 2015 · Updated 10 years ago
- automate your MISP installs ☆68 · Jul 10, 2020 · Updated 5 years ago
- Yet Another YARA rule Generator ☆65 · Oct 9, 2018 · Updated 7 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research ☆53 · Mar 16, 2018 · Updated 8 years ago
- Historical list of {Cobalt Strike,NanoHTTPD} servers ☆120 · Apr 30, 2019 · Updated 6 years ago
- D4 core software (server and sample sensor client) ☆43 · Dec 23, 2023 · Updated 2 years ago