bez0r / BeaconBits
Network timing evaluation used to detect beacons, works with argus flow as the source
☆18 Updated 8 years ago
Related projects:
- IDS Utility Belt For Automating/Testing Various Things ☆30 Updated 3 years ago
- ☆12 Updated 7 years ago
- Set of scripts to index PCAP files and retrieve packets ☆14 Updated 9 years ago
- Passive DNS visualization and Passive DNS server toolkit ☆35 Updated 12 years ago
- Debian and Red Hat packaging for SIE DNS sensor ☆14 Updated last year
- yara rules for crypto detection ☆30 Updated 10 years ago
- Help summarize a PCAP file ☆33 Updated 12 years ago
- A content inspecting SMTP proxy ☆17 Updated 10 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses ☆42 Updated 7 years ago
- Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files ☆44 Updated 4 months ago
- Download all packet captures from http://malware-traffic-analysis.net/ ☆19 Updated 10 years ago
- ☆42 Updated this week
- Workbench: A scalable python framework for security research and development teams. ☆91 Updated 4 years ago
- Metadata Inspection Database Alerting System ☆41 Updated 11 years ago
- CVE Builder script that generates STIX formatted Exploit Target objects ☆18 Updated 7 years ago
- ☆28 Updated 7 years ago
- ☆19 Updated this week
- Passive DNS V2 ☆62 Updated 10 years ago
- Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching ☆33 Updated 8 years ago
- OpenFlow Honeypot ☆22 Updated 11 years ago
- Multiple rules for yara-project to detect compiler/packer/protector ☆32 Updated 4 years ago
- Golang based web service to scan files with yara rules ☆26 Updated 7 years ago
- encoding format, library, and utilities for passive DNS data ☆26 Updated 5 months ago
- Python library to normalize Yara signatures ☆19 Updated 3 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats. ☆23 Updated 3 years ago
- ☆28 Updated 7 years ago
- ☆35 Updated last year
- Honeybrid is a network application built to 1) administrate network of honeypots, and 2) transparently redirect live network sessions (TC… ☆31 Updated 5 years ago
- ☆15 Updated 5 months ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner ☆22 Updated 7 years ago