cisagov / MalcolmLinks
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
☆2,281Updated last week
Alternatives and similar repositories for Malcolm
Users that are interested in Malcolm are comparing it to the libraries listed below
Sorting:
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,510Updated last year
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,340Updated last year
- Your Everyday Threat Intelligence☆1,936Updated last month
- Digging Deeper....☆3,612Updated last week
- Web app that provides basic navigation and annotation of ATT&CK matrices☆2,269Updated last week
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial version☆3,870Updated 4 months ago
- Detect Tactics, Techniques & Combat Threats☆2,235Updated last month
- A Suricata based NDR distribution☆1,583Updated 2 months ago
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,518Updated last week
- Configuration files for the SOF-ELK VM☆1,702Updated this week
- Cyber Threat Intelligence Repository expressed in STIX 2.0☆1,990Updated 3 weeks ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆447Updated this week
- Re-play Security Events☆1,702Updated last year
- A repository of sysmon configuration modules☆2,928Updated last year
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,396Updated this week
- A toolset to make a system look as if it was the victim of an APT attack☆2,690Updated 2 months ago
- Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own in…☆4,221Updated this week
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform☆6,035Updated this week
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.☆2,118Updated this week
- Cyber Analytics Repository☆968Updated 6 months ago
- YARA signature and IOC database for my scanners and tools☆2,816Updated this week
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,335Updated 2 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,401Updated last year
- Super timeline all the things☆1,969Updated 2 weeks ago
- An Active Defense and EDR software to empower Blue Teams☆1,312Updated 2 years ago
- PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highli…☆1,825Updated 3 years ago
- Collaborative Incident Response platform☆1,324Updated 2 weeks ago
- An informational repo about hunting for adversaries in your IT environment.☆1,832Updated 4 years ago
- Open Source Security Events Metadata (OSSEM)☆1,284Updated 2 years ago
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.☆904Updated last year