certego / PcapMonkey
PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
☆153Updated 3 weeks ago
Alternatives and similar repositories for PcapMonkey:
Users that are interested in PcapMonkey are comparing it to the libraries listed below
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆261Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated this week
- Suricata rules for network anomaly detection☆159Updated 3 weeks ago
- Log Entry to Sigma Rule Converter☆107Updated 3 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆187Updated 3 years ago
- simple YARA-based IOC scanner☆168Updated 2 months ago
- ☆78Updated 4 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆123Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 2 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 3 years ago
- Cisco Orbital - Osquery queries by Talos☆132Updated 7 months ago
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆101Updated 3 years ago
- Collecting & Hunting for IOCs with gusto and style☆238Updated 3 years ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Cuckoo running in a nested hypervisor☆128Updated 4 years ago
- Threat Alert Logic Repository☆92Updated 6 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆58Updated 5 years ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Linux Incident Response☆90Updated 5 years ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆109Updated 11 months ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆140Updated 2 months ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 2 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆77Updated 2 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆87Updated last week
- ☆43Updated 2 years ago