brimdata / brimcapLinks
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
☆88Updated 5 months ago
Alternatives and similar repositories for brimcap
Users that are interested in brimcap are comparing it to the libraries listed below
Sorting:
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆159Updated 6 months ago
- Open source endpoint agent providing host information to Zeek. [v2]☆86Updated 3 weeks ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆79Updated 3 months ago
- Suricata rules for network anomaly detection☆172Updated 5 months ago
- ☆43Updated 2 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆66Updated last year
- Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …☆163Updated last year
- Suricata rule and intel index☆32Updated 2 weeks ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 7 months ago
- findCDN is a tool created to help accurately identify what CDN a domain is using.☆119Updated last week
- IoT and Operational Technology Honeypot☆104Updated last year
- Look into EDR events from network☆24Updated 5 months ago
- tshark + ELK analytics virtual machine☆69Updated 8 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆37Updated 3 years ago
- ☆58Updated this week
- simple YARA-based IOC scanner☆169Updated last month
- Suricata Verification Tests - Testing Suricata Output☆116Updated last week
- Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)☆28Updated 2 years ago
- Pure python parser for Snort/Suricata rules.☆33Updated last year
- Cisco Orbital - Osquery queries by Talos☆135Updated last year
- IOCs published by Black Lotus Labs☆122Updated 2 weeks ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆37Updated 4 months ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆37Updated last month
- A Self-Contained Open-Source Cyberattack Experimentation Testbed☆43Updated 3 months ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆257Updated 2 years ago
- ☆34Updated last week
- go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…☆49Updated 2 years ago
- YaraScanner is a file pattern-matching tool based on YARA rules.☆58Updated 2 years ago
- Red Canary's eBPF Sensor☆109Updated 3 months ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year