cisagov / network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
☆27 · Updated 5 months ago
Related projects
Alternatives and complementary repositories for network-architecture-verification-and-validation
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ☆66 · Updated last year
- Run Velociraptor on Security Onion ☆34 · Updated 2 years ago
- Run zeek with zeekctl in docker ☆49 · Updated last month
- Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common … ☆27 · Updated 3 months ago
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… ☆42 · Updated this week
- Repo for Automations and other solutions for Elastic SIEM/Security. ☆18 · Updated 3 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems. ☆28 · Updated 11 months ago
- Search a filesystem for indicators of compromise (IoC). ☆68 · Updated 2 months ago
- Template for building a packet sniffer ☆14 · Updated 7 months ago
- The FASTEST way to consume threat intel. ☆64 · Updated last year
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform ☆38 · Updated 2 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ☆37 · Updated 6 months ago
- Incident Response Network Tools ☆23 · Updated 3 years ago
- Explore the GOAD Active Directory lab in 5 minutes with Adalanche ☆34 · Updated 10 months ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆41 · Updated 2 weeks ago
- CrowdStrike's Open Source Policy & Contribution Guide ☆39 · Updated last year
- Passive OS detection based on SYN packets without Transmitting any Data ☆45 · Updated last year
- Sysmon and wazuh integration with Sigma sysmon rules [updated] ☆61 · Updated 3 years ago
- MITRE ATT&CK Based App in Power BI ☆12 · Updated 8 months ago
- A collection of tips for using MISP. ☆74 · Updated 7 months ago
- Zeek support for Community ID flow hashing. ☆34 · Updated last year
- Collection of Dashboards for Threat Hunting and more! ☆58 · Updated 4 years ago
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ… ☆50 · Updated 3 years ago
- Learn about a network from a pcap file or reading from an interface ☆27 · Updated 7 months ago