certego / PcapMonkeyLinks
PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
☆155Updated 4 months ago
Alternatives and similar repositories for PcapMonkey
Users that are interested in PcapMonkey are comparing it to the libraries listed below
Sorting:
- simple YARA-based IOC scanner☆169Updated this week
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆78Updated last month
- ☆43Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- Suricata rules for network anomaly detection☆167Updated 3 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- Snorpy is a python script the gives a Gui interface to help those new to snort create rules.☆63Updated 11 months ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆59Updated 5 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆102Updated 3 weeks ago
- Linux Incident Response☆90Updated 5 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆139Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- A honeypot for the Log4Shell vulnerability (CVE-2021-44228).☆91Updated 8 months ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 5 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 5 months ago
- ☆77Updated 5 years ago
- Tools to interact with APTnotes reporting/index.☆103Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆94Updated 3 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- Tweettioc Splunk App☆20Updated 4 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 4 years ago
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆148Updated 3 years ago
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆113Updated 2 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆78Updated 3 years ago
- How to Zeek Sysmon Logs!☆102Updated 3 years ago