brimdata / brimcapLinks
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
☆92Updated 9 months ago
Alternatives and similar repositories for brimcap
Users that are interested in brimcap are comparing it to the libraries listed below
Sorting:
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆162Updated 10 months ago
- Open source endpoint agent providing host information to Zeek. [v2]☆90Updated last week
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆84Updated last month
- Suricata rules for network anomaly detection☆182Updated 2 months ago
- simple YARA-based IOC scanner☆175Updated 3 weeks ago
- Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …☆167Updated last year
- Suricata Verification Tests - Testing Suricata Output☆118Updated last week
- ☆44Updated 3 years ago
- Cisco Orbital - Osquery queries by Talos☆136Updated last year
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆67Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆38Updated 3 years ago
- Osquery Resources☆63Updated 6 years ago
- Pure python parser for Snort/Suricata rules.☆33Updated last year
- Look into EDR events from network☆25Updated 2 months ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆140Updated 11 months ago
- ☆35Updated last week
- A MITRE Caldera plugin☆49Updated 3 months ago
- BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)☆77Updated 3 weeks ago
- IoT and Operational Technology Honeypot☆105Updated 2 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆98Updated 8 months ago
- An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced sec…☆206Updated 10 months ago
- Incident Response - Fast suspicious file finder☆249Updated last week
- Suricata rule and intel index☆33Updated 3 weeks ago
- YaraScanner is a file pattern-matching tool based on YARA rules.☆60Updated 2 years ago
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆191Updated 3 months ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆128Updated 10 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆259Updated 3 years ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆45Updated last year
- ☆71Updated 7 years ago
- A lightweight tool to score network traffic and flag anomalies☆123Updated last year