andrewbeard / broworkshopLinks
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
☆14Updated 2 months ago
Alternatives and similar repositories for broworkshop
Users that are interested in broworkshop are comparing it to the libraries listed below
Sorting:
- first commit☆20Updated last year
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- Security Onion Elastic Stack☆46Updated 4 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure☆15Updated 5 years ago
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…☆21Updated 7 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 7 months ago
- Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model☆12Updated 4 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- Scoring Engine for CTF competitions☆47Updated 2 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 8 years ago
- Things to know when DFIR occurs near a vault deployment.☆43Updated 7 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Updated 7 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Updated 2 years ago
- Python bindings for Yeti's API☆18Updated last year
- Universal Honey Pot☆29Updated 2 years ago
- Six Degrees of Domain Admin☆15Updated 7 years ago
- A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.☆21Updated 3 years ago
- ☆14Updated 7 years ago
- ☆53Updated 7 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Bringing DevOps to Forensics☆34Updated 10 years ago
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- DNS Enumeration and Reconnaissance Tool☆37Updated 9 years ago
- This repository is a curated list of pro bono incident response entities.☆20Updated last year
- ☆24Updated 5 years ago