cisagov / network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
☆30 Updated 9 months ago
Alternatives and similar repositories for network-architecture-verification-and-validation:
Users that are interested in network-architecture-verification-and-validation are comparing it to the libraries listed below
- Run Velociraptor on Security Onion ☆37 Updated 2 years ago
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ… ☆51 Updated 3 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ☆71 Updated last year
- The FASTEST way to consume threat intel. ☆68 Updated last year
- ☆52 Updated this week
- ☆68 Updated 7 months ago
- A packet capture visualizer for industrial control networks. ☆52 Updated last year
- Passive OS detection based on SYN packets without Transmitting any Data ☆46 Updated last year
- Incident Response Network Tools ☆24 Updated 3 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security. ☆18 Updated 3 years ago
- Learn about a network from a pcap file or reading from an interface ☆28 Updated 11 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ☆39 Updated 10 months ago
- A collection of tips for using MISP. ☆74 Updated 3 months ago
- The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo… ☆77 Updated this week
- Run zeek with zeekctl in docker ☆51 Updated 6 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… ☆18 Updated 4 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies ☆28 Updated last year
- Template for building a packet sniffer ☆14 Updated 11 months ago
- ☆51 Updated 3 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest… ☆18 Updated last month
- ☆54 Updated 3 years ago
- ☆19 Updated 3 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform ☆39 Updated 2 years ago
- Tool used to perform threat intelligence against packet data ☆35 Updated last month
- ☆16 Updated 3 years ago
- ☆48 Updated last week
- Log4j Exploit Detection Logic for Zeek ☆19 Updated 10 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆34 Updated 2 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… ☆49 Updated this week
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases. ☆44 Updated 4 years ago