Steve McCanne's Sharkfest '21 Talk
☆16 · Oct 12, 2021 · Updated 4 years ago
Alternatives and similar repositories for sharkfest-21
Users that are interested in sharkfest-21 are comparing it to the libraries listed below
- A Zeek plugin to POST logs over HTTP. ☆13 · Feb 10, 2020 · Updated 6 years ago
- Bro analyzer that detects Google's QUIC protocol ☆10 · Mar 2, 2021 · Updated 5 years ago
- Zeek plugin to generate data on per-packet sizes and intervals ☆14 · Apr 21, 2020 · Updated 5 years ago
- Incremental Machine Learning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes ☆16 · Aug 10, 2022 · Updated 3 years ago
- ☆18 · Jun 8, 2018 · Updated 7 years ago
- (kinda) Malicious Outlook Reader ☆19 · Mar 2, 2021 · Updated 5 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 · Jul 23, 2015 · Updated 10 years ago
- PyCommand Scripts for Immunity Debugger ☆37 · Jun 21, 2014 · Updated 11 years ago
- Releases for the Zui Insiders app. ☆22 · Feb 17, 2025 · Updated last year
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol ☆25 · May 30, 2024 · Updated last year
- Integrating Sysinternals Autoruns’ logs into Security Onion ☆31 · Feb 20, 2024 · Updated 2 years ago
- Time-Machine Dynamic Bulk Packet Recorder ☆36 · Apr 21, 2025 · Updated 10 months ago
- Presentation Slides and Video links ☆32 · Nov 8, 2021 · Updated 4 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆37 · Jan 2, 2024 · Updated 2 years ago
- Simulates a compromise in a cloud and container environment ☆34 · Dec 18, 2024 · Updated last year
- Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol ☆30 · Apr 23, 2025 · Updated 10 months ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek ☆32 · Sep 16, 2024 · Updated last year
- Searches for Insider Threat Hunting ☆29 · May 2, 2019 · Updated 6 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE ☆33 · May 25, 2024 · Updated last year
- morphHTA - Morphing Cobalt Strike's evil.HTA ☆10 · Jun 3, 2017 · Updated 8 years ago
- Fork of setblocksize ☆10 · Jan 17, 2019 · Updated 7 years ago
- Network Shredder IDS ☆11 · Aug 14, 2024 · Updated last year
- Stolemojis never die. A collection of Slack emojis from past, present, and future companies. ☆10 · Feb 5, 2026 · Updated 3 weeks ago
- LILLY - Latex Framework ☆12 · Jul 29, 2021 · Updated 4 years ago
- Small program to generate a Graphviz dot file to visualize a SQLite schema and foreign keys structure ☆13 · Mar 6, 2017 · Updated 8 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆39 · Aug 18, 2022 · Updated 3 years ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more) ☆92 · Apr 25, 2025 · Updated 10 months ago
- Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files ☆44 · May 9, 2024 · Updated last year
- Zeek network security monitor plugin that enables parsing of the S7 protocol ☆41 · May 30, 2024 · Updated last year
- TLD records archive. Revisiting the original TLDR project by mandatoryprogrammer, on the hunt for more root nameserver changes. ☆11 · Dec 4, 2022 · Updated 3 years ago
- Wrapper for TSK (Sleuth Kit) Bindings ☆12 · Jan 10, 2023 · Updated 3 years ago
- Small bash function library to turn on bash options that enhance robustness of scripts. ☆17 · Apr 17, 2025 · Updated 10 months ago
- ☆10 · Dec 24, 2022 · Updated 3 years ago
- Volatility 3 plugins to extract a module as complete as possible ☆12 · Jun 13, 2023 · Updated 2 years ago
- Malicious traffic detection system ☆11 · Nov 2, 2022 · Updated 3 years ago
- List of links and resources referred to in my SANS OSINT Summit 2024 Talk "OSINT On The Russian Internet" ☆11 · Feb 29, 2024 · Updated 2 years ago
- Help deobfuscate VBScript ☆18 · Jul 1, 2022 · Updated 3 years ago
- All my POC related to malware development ☆15 · Feb 19, 2026 · Updated 2 weeks ago
- Star Trek Game ☆13 · Feb 16, 2021 · Updated 5 years ago