Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
☆92Apr 25, 2025Updated 10 months ago
Alternatives and similar repositories for brimcap
Users that are interested in brimcap are comparing it to the libraries listed below
Sorting:
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated 9 months ago
- sample input data for zq☆15Nov 21, 2025Updated 3 months ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Sep 16, 2024Updated last year
- Releases for the Zui Insiders app.☆22Feb 17, 2025Updated last year
- Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.☆1,924Feb 3, 2026Updated 3 weeks ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆39Aug 18, 2022Updated 3 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- An analytics database that puts JSON and relational tables on equal footing☆1,524Updated this week
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 4 years ago
- Steve McCanne's Sharkfest '21 Talk☆16Oct 12, 2021Updated 4 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆35Sep 18, 2023Updated 2 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆57Nov 20, 2025Updated 3 months ago
- Kafka connector to sync Zed lakes to and from Kafka topics☆18Dec 4, 2025Updated 2 months ago
- Incident Notification Platform by @NC3-LU☆11Updated this week
- ☆58Mar 4, 2022Updated 3 years ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆195Sep 23, 2024Updated last year
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 4 years ago
- SightingDB is a database for Sightings☆22Jun 21, 2023Updated 2 years ago
- Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains …☆10Oct 17, 2023Updated 2 years ago
- The Advanced Vulnerability Information Sharing Environment -- A Platform for CVD and PSIRT Management☆10Jan 30, 2024Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor looku…☆10Jan 26, 2026Updated last month
- Corelight@Home script☆46Oct 5, 2023Updated 2 years ago
- A Python implementation of the Community ID flow hashing standard☆23Nov 29, 2023Updated 2 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Nov 26, 2025Updated 3 months ago
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol☆25May 30, 2024Updated last year
- ☆42Sep 16, 2022Updated 3 years ago
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox☆11Apr 3, 2016Updated 9 years ago
- All my POC related to malware development☆15Feb 19, 2026Updated last week
- suricata rules to pcap☆10Mar 25, 2021Updated 4 years ago
- A libre software which is providing a backend architecture for collecting data from probes and storing proof of checks.☆11Jan 16, 2026Updated last month
- Passive Bitcoin Project☆10Aug 10, 2015Updated 10 years ago
- ☆10Apr 10, 2024Updated last year
- Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research☆12Jan 19, 2024Updated 2 years ago
- Zeek IDS Dockerfile☆101Dec 5, 2022Updated 3 years ago
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards☆46May 30, 2024Updated last year
- Zeek-Formatted Threat Intelligence Feeds☆385Updated this week
- A privacy-aware exchange module to securely and privately share your indicators☆14Aug 23, 2017Updated 8 years ago
- a go daemon to manage your elasticsearch indices☆13Oct 12, 2018Updated 7 years ago