cisagov / network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs. It automates Zeek analysis of PCAP files, the collation of Zeek logs, and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
☆35 Updated last year
Alternatives and similar repositories for network-architecture-verification-and-validation
Users that are interested in network-architecture-verification-and-validation are comparing it to the libraries listed below
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ☆76 Updated 2 weeks ago
- ☆72 Updated 6 months ago
- Run Velociraptor on Security Onion ☆40 Updated 3 years ago
- A collection of tips for using MISP. ☆74 Updated 10 months ago
- Industrial Control Systems Network Protocol Parsers ☆181 Updated last month
- Security Onion + Automation + Response Lab including n8n and Velociraptor ☆112 Updated 3 years ago
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ… ☆54 Updated 4 years ago
- SOARCA - The Open Source CACAO-based Security Orchestrator! ☆83 Updated last month
- ☆53 Updated 3 years ago
- ☆77 Updated 3 weeks ago
- The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo… ☆86 Updated last week
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies ☆37 Updated last month
- Corelight@Home script ☆44 Updated 2 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon ☆94 Updated 3 years ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆40 Updated 6 months ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated] ☆70 Updated 4 years ago
- DShield Sensor Log Collection with ELK ☆42 Updated last month
- This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense ☆33 Updated 3 weeks ago
- Run zeek with zeekctl in docker ☆55 Updated last year
- ☆74 Updated 3 weeks ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆48 Updated 4 months ago
- Docker image for Velocidex Velociraptor ☆138 Updated 7 months ago
- ☆55 Updated 4 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements. ☆67 Updated last year
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ☆30 Updated last year
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise. ☆48 Updated 3 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools ☆127 Updated 2 years ago
- The FASTEST way to consume threat intel. ☆69 Updated 2 years ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin… ☆126 Updated 6 months ago
- Collection of useful Canary tools ☆92 Updated 2 weeks ago