carolynduby / ApacheMetronWorkshop

Related projects: ⓘ

• apache / metron-bro-plugin-kafka
  Apache Metron
  ☆59Updated 3 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆68Updated 4 years ago
• OpenSOC / opensoc-vagrant
  Vagrantfile and scripts for building a disposable OpenSOC Cluster
  ☆29Updated 7 years ago
• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 6 years ago
• NVISOsecurity / ee-outliers
  Open-source framework to detect outliers in Elasticsearch events
  ☆203Updated last year
• counterflow-ai-archive / dragonfly-mle
  ☆52Updated this week
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆51Updated last year
• stratosphereips / Manati
  A web-based tool to assist the work of the intuitive threat analysts.
  ☆110Updated 5 years ago
• rocknsm / rock-scripts
  Bro scripts for the ROCK platform. http://rocknsm.io
  ☆33Updated last year
• CityBaseInc / SIAC
  SIAC is an enterprise SIEM built on open-source technology.
  ☆114Updated 5 years ago
• hosom / file-extraction
  Extract files from network traffic with Zeek.
  ☆99Updated 4 years ago
• OpenSOC / opensoc-ui
  User interface for OpenSOC
  ☆100Updated 9 years ago
• securityclippy / elasticintel
  Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
  ☆139Updated last year
• reservoirlabs / bro-scripts
  ☆69Updated this week
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆99Updated last year
• abhinavbom / Threat-Intelligence-Hunter
  TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…
  ☆148Updated 3 months ago
• alertflex / cnode
  alertflex controller
  ☆10Updated 8 months ago
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 3 months ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆88Updated 5 years ago
• zeek / zeekctl
  Tool for managing Zeek deployments.
  ☆53Updated last month
• MattCarothers / mhn-core-docker
  Core elements of the Modern Honey Network implemented in Docker
  ☆32Updated 2 years ago
• pauloangelo / hogzilla
  Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…
  ☆28Updated 6 years ago
• shendo / websnort
  Web service for scanning pcaps with snort
  ☆108Updated 6 years ago
• DanielSchwartz1 / SplunkForPCAP
  The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)…
  ☆40Updated 8 months ago
• OPNids / core
  OPNids GUI, API and systems backend
  ☆34Updated 5 years ago
• JPCERTCC / DetectLM
  Detecting Lateral Movement with Machine Learning
  ☆137Updated 6 years ago
• pevma / Suricata-Logstash-Templates
  Templates for Kibana/Logstash to use with Suricata IDPS
  ☆80Updated 8 years ago
• sooshie / secrepo
  Sweet, sweet, secrepo.com html.
  ☆133Updated 2 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆100Updated 2 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆98Updated 3 years ago