Packet Captures
☆408Jan 3, 2018Updated 8 years ago
Alternatives and similar repositories for packets
Users that are interested in packets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.☆25Nov 11, 2018Updated 7 years ago
- Sysmon Tools for PowerShell☆12Aug 17, 2018Updated 7 years ago
- An informational repo about hunting for adversaries in your IT environment.☆1,876Nov 17, 2021Updated 4 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆120Apr 14, 2021Updated 5 years ago
- Configuration files for the SOF-ELK VM☆1,738Jun 27, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,598Jan 12, 2026Updated 5 months ago
- Training and support materials for MSTICPy☆18Jun 27, 2023Updated 3 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆624Jun 26, 2024Updated 2 years ago
- ☆2,405Oct 14, 2023Updated 2 years ago
- Public Repository of all Publicly Available Packet Captures that I've used or come across☆186Jan 17, 2013Updated 13 years ago
- ☆24Mar 29, 2020Updated 6 years ago
- Windows Events Attack Samples☆2,586Jan 24, 2023Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆944Dec 12, 2023Updated 2 years ago
- Re-play Security Events☆1,776Mar 20, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Network Flow Basic Analysis Tool☆112May 2, 2022Updated 4 years ago
- PCAP Samples for Different Post Exploitation Techniques☆373Apr 29, 2021Updated 5 years ago
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,992Jul 6, 2024Updated last year
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆300Mar 19, 2026Updated 3 months ago
- Zeek support for Community ID flow hashing.☆37Jul 11, 2023Updated 2 years ago
- A repository of sysmon configuration modules☆3,066Jun 25, 2026Updated last week
- A repository for using windows event forwarding for incident detection and response☆1,334Sep 8, 2025Updated 9 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,507Jan 12, 2026Updated 5 months ago
- An IOC framework written in PowerShell☆19Jan 3, 2017Updated 9 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆595Dec 11, 2023Updated 2 years ago
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- Isolated, Scalable, & Lightweight Environment for Training☆112Jun 24, 2019Updated 7 years ago
- Splunk Boss of the SOC version 2 dataset.☆431Nov 1, 2022Updated 3 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,078Nov 28, 2024Updated last year
- ☆13Oct 7, 2019Updated 6 years ago
- Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers☆93Oct 15, 2017Updated 8 years ago
- Detection Ideas & Rules repository.☆179Sep 10, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Automated deployment scripts for the RockNSM network hunting distribution.☆454Jul 2, 2023Updated 3 years ago
- A Python implementation of the Community ID flow hashing standard☆24Nov 29, 2023Updated 2 years ago
- ☆58Jan 7, 2024Updated 2 years ago
- Example Suricata rules implementing some of my detection tactics☆22Jan 13, 2023Updated 3 years ago
- Security Onion Elastic Stack☆46Feb 1, 2021Updated 5 years ago
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management☆3,128Apr 16, 2021Updated 5 years ago
- Main Sigma Rule Repository☆10,665Jun 24, 2026Updated last week