carolynduby / ApacheMetronWorkshop
Apache Metron Workshop Lab materials and instructions.
☆35 · Updated 4 years ago
Related projects:
- Apache Metron ☆59 · Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK ☆68 · Updated 4 years ago
- Vagrantfile and scripts for building a disposable OpenSOC Cluster ☆29 · Updated 7 years ago
- The Stratosphere testing framework is meant to help in the research and verification of the behavioral models used by the Stratosphere … ☆50 · Updated 6 years ago
- Open-source framework to detect outliers in Elasticsearch events ☆203 · Updated last year
- A repository for OSSEC rules and decoders ☆51 · Updated last year
- A web-based tool to assist the work of intuitive threat analysts. ☆110 · Updated 5 years ago
- Bro scripts for the ROCK platform. http://rocknsm.io ☆33 · Updated last year
- SIAC is an enterprise SIEM built on open-source technology. ☆114 · Updated 5 years ago
- Extract files from network traffic with Zeek. ☆99 · Updated 4 years ago
- User interface for OpenSOC ☆100 · Updated 9 years ago
- Serverless, low-cost threat intel aggregation for enterprise or personal use, backed by ElasticSearch. ☆139 · Updated last year
- Zeek IDS Dockerfile ☆99 · Updated last year
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs… ☆148 · Updated 3 months ago
- alertflex controller ☆10 · Updated 8 months ago
- Plugin for Zeek/Bro which provides an HTTP/2 decoder/analyzer ☆30 · Updated 3 months ago
- Threat Alert Logic Repository ☆88 · Updated 5 years ago
- Tool for managing Zeek deployments. ☆53 · Updated last month
- Core elements of the Modern Honey Network implemented in Docker ☆32 · Updated 2 years ago
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… ☆28 · Updated 6 years ago
- Web service for scanning pcaps with Snort ☆108 · Updated 6 years ago
- The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)… ☆40 · Updated 8 months ago
- OPNids GUI, API and systems backend ☆34 · Updated 5 years ago
- Detecting Lateral Movement with Machine Learning ☆137 · Updated 6 years ago
- Templates for Kibana/Logstash to use with Suricata IDPS ☆80 · Updated 8 years ago
- Sweet, sweet, secrepo.com html. ☆133 · Updated 2 years ago
- How to Zeek Sysmon Logs! ☆100 · Updated 2 years ago
- This repository will hold PCAP IOC data related to known malware samples (owner: Bryant Smith) ☆98 · Updated 3 years ago