brimdata / brimcapLinks
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
☆82Updated last month
Alternatives and similar repositories for brimcap
Users that are interested in brimcap are comparing it to the libraries listed below
Sorting:
- Open source endpoint agent providing host information to Zeek. [v2]☆83Updated last week
- Suricata rules for network anomaly detection☆164Updated 2 months ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆72Updated this week
- ☆43Updated 2 years ago
- Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)☆26Updated last year
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated 2 months ago
- Suricata Verification Tests - Testing Suricata Output☆109Updated last week
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- Anything Sysmon related from the MSTIC R&D team☆153Updated last year
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆105Updated 3 years ago
- Active C2 IoCs☆99Updated 2 years ago
- simple YARA-based IOC scanner☆169Updated 4 months ago
- Cisco Orbital - Osquery queries by Talos☆134Updated 9 months ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆71Updated last year
- Suricata rule and intel index☆31Updated 2 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 4 months ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- Data visualization for blue teams☆126Updated 2 years ago
- ☆96Updated 3 years ago
- Look into EDR events from network☆23Updated last month
- File analysis and management framework.☆85Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆262Updated 2 years ago
- Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.☆128Updated 6 months ago
- ☆68Updated 3 months ago
- How to Zeek Sysmon Logs!☆102Updated 3 years ago
- Source code used at TweetFeed.live☆42Updated 2 years ago
- ☆38Updated 7 months ago