chrismarget / cisco-l2t
Library and example applications for using/abusing the information-leaky L2Trace service on Cisco switches. PSIRT Advisory: cisco-sa-20190925-l2-traceroute
☆3Updated last year
Related projects ⓘ
Alternatives and complementary repositories for cisco-l2t
- A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.☆31Updated last month
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 7 years ago
- Check IOC provided by a MISP instance on Suricata events☆17Updated 5 years ago
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent☆12Updated 7 years ago
- Prototype system to monitor BGP routes and alert when anomalies are identified☆14Updated 5 years ago
- Zeek package to generate a SMB client fingerprint☆26Updated 4 years ago
- Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs.☆8Updated 5 years ago
- DHCP Fingerprinting☆27Updated 3 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆37Updated last year
- An active domain name query tool to help keep track of domain name movements...☆15Updated 3 years ago
- D4 core software (server and sample sensor client)☆43Updated 10 months ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.☆21Updated last year
- Public rules and samples for various automations through LimaCharlie.io☆11Updated 2 years ago
- ☆14Updated 6 years ago
- The plugin repository for Honeycomb, the honeypot framework by Cymmetria☆27Updated last year
- A Spicy protocol analyzer for WireGuard☆28Updated 4 years ago
- Analytics for Accounting logs from Network devices☆16Updated 3 years ago
- Virustotal Data to Timesketch☆17Updated 5 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure☆14Updated 5 years ago
- Yara rules for malicious javascript files from public repositories or written by me.☆12Updated 2 years ago
- Fake SMB and SAMR data☆10Updated 5 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆34Updated last year
- Threat hunting repo for my independent study on threat hunting with OSQuery☆28Updated 6 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- Full Packet Capture for the Masses☆15Updated 6 years ago
- AYY LMAO☆21Updated 8 years ago
- ☆19Updated 4 years ago