cdpxe / nefias
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
☆27Updated 9 months ago
Alternatives and similar repositories for nefias:
Users that are interested in nefias are comparing it to the libraries listed below
- Pure Honeypots with an automated bash script☆20Updated 3 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 3 years ago
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)☆45Updated 3 years ago
- Custom security distro for remote penetration testing☆52Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- ☆14Updated 4 years ago
- Agile Sandbox for analyzing Windows, Linux and macOS malware and execution behaviors☆67Updated last year
- EnumVolcano is an open source Bash script which is used to perform automated enumeration for privilege escalation. This tool is dedicated…☆24Updated 2 years ago
- A collection of tools for managing and automating vulnerability management.☆13Updated 2 years ago
- Strafer: A tool to detect potential infections in Elasticsearch instances☆27Updated 3 years ago
- ☆34Updated 3 weeks ago
- Hashes of infamous malware☆25Updated last year
- Penguin OS Forensic (or Flight) Recorder☆39Updated last month
- Fast DNS history enumeration tool for network and OSINT investigations☆17Updated 4 years ago
- On demand query API for https://github.com/davidonzo/Threat-Intel project.☆55Updated 8 months ago
- Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.☆19Updated 2 years ago
- Yet another OSINT automator.☆19Updated 4 years ago
- Central IoC scanner based on Loki☆20Updated 3 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure☆39Updated 3 weeks ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆31Updated last year
- ☆11Updated 4 years ago
- Audit Powershell and search from known keywords in history #Blueteam☆25Updated 4 years ago
- ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of …☆73Updated 3 months ago
- CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, auto…☆10Updated 3 years ago
- Log4Shell IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake☆18Updated 2 years ago
- ☆15Updated 3 years ago
- Operating System testbed created with Terraform to test payloads, programs and compatibility on different OS versions. Supports AWS and A…☆18Updated last year
- Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment☆14Updated 7 months ago
- OSINT tool to search, parse and dump only the open Elasticsearch and MongoDB directories that have the data you care about exposing☆46Updated 3 years ago
- A collection of Covid-19 related threat intelligence and resources.☆19Updated 4 years ago