andrewbeard / broworkshop
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
☆14 Updated 2 weeks ago
Alternatives and similar repositories for broworkshop
Users that are interested in broworkshop are comparing it to the libraries listed below
- Build Automated Machine Images for MISP ☆28 Updated 2 years ago
- first commit ☆20 Updated last year
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir… ☆21 Updated 8 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery ☆27 Updated 7 years ago
- Security Onion Elastic Stack ☆46 Updated 4 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure ☆15 Updated 5 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more. ☆21 Updated 6 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack ☆16 Updated 4 years ago
- Universal Honey Pot ☆29 Updated 2 years ago
- Things to know when DFIR occurs near a vault deployment. ☆43 Updated 7 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2 ☆14 Updated 4 years ago
- AYY LMAO ☆22 Updated 9 years ago
- Honeypot log processor to create OTX Pulse entries ☆28 Updated last year
- Home to the ActorTrackr source code ☆24 Updated 8 years ago
- A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew. ☆21 Updated 3 years ago
- Traceroute improved wrapper for CSIRT and CERT operators ☆38 Updated 8 months ago
- A simple Docker container that serves the MITRE ATT&CK Navigator web app ☆27 Updated 2 years ago
- A virtual MediaWiki development environment, built on Vagrant, VirtualBox, and Puppet. ☆16 Updated 8 years ago
- Python bindings for Yeti's API ☆18 Updated last year
- Build your own threat hunting maturity model ☆11 Updated 7 years ago
- Web based analysis platform for use with the AWS_IR command line tool. ☆17 Updated 8 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository ☆22 Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 Updated 6 years ago
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser… ☆54 Updated 7 months ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications ☆13 Updated 7 years ago
- A collection of scripts that I've written while pentesting. ☆31 Updated 6 years ago
- A tool to catch spoofed NBNS responses. ☆50 Updated 7 years ago
- DNS Enumeration and Reconnaissance Tool ☆37 Updated 9 years ago