cisagov / network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
☆35 Updated last year
Alternatives and similar repositories for network-architecture-verification-and-validation
Users that are interested in network-architecture-verification-and-validation are comparing it to the libraries listed below
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ☆74 Updated 2 weeks ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated] ☆70 Updated 4 years ago
- Run Velociraptor on Security Onion ☆40 Updated 3 years ago
- ☆77 Updated this week
- ☆72 Updated 6 months ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor ☆112 Updated 3 years ago
- Docker image for Velocidex Velociraptor ☆137 Updated 7 months ago
- Corelight@Home script ☆44 Updated 2 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies ☆37 Updated last month
- Collection of useful Canary tools ☆91 Updated 2 months ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆48 Updated 4 months ago
- The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo… ☆85 Updated last week
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ… ☆53 Updated 4 years ago
- A collection of tips for using MISP. ☆74 Updated 9 months ago
- Industrial Control Systems Network Protocol Parsers ☆179 Updated last month
- ☆53 Updated 3 years ago
- A tool that allows you to document and assess any security automation in your SOC ☆47 Updated 11 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆161 Updated 7 months ago
- Learn about a network from a pcap file or reading from an interface ☆29 Updated last year
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ☆30 Updated last year
- Passive OS detection based on SYN packets without Transmitting any Data ☆47 Updated 2 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon ☆95 Updated 3 years ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin… ☆126 Updated 6 months ago
- DShield Sensor Log Collection with ELK ☆41 Updated 2 weeks ago
- ☆19 Updated 3 years ago
- Extracts fields from zeek logs, compatible with zeek-cut ☆23 Updated last year
- SOARCA - The Open Source CACAO-based Security Orchestrator! ☆83 Updated last month
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ☆49 Updated last year
- Repo for Automations and other solutions for Elastic SIEM/Security. ☆18 Updated 4 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements. ☆66 Updated last year