corelight / cve-2021-44228Links
Log4j Exploit Detection Logic for Zeek
☆19Updated last year
Alternatives and similar repositories for cve-2021-44228
Users that are interested in cve-2021-44228 are comparing it to the libraries listed below
Sorting:
- Zeek support for Community ID flow hashing.☆37Updated 2 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆29Updated last year
- ☆24Updated 5 years ago
- Integrate Zeek with Alienvault OTX☆25Updated 5 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Updated 2 months ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 4 years ago
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- CIFv3 DeploymentKit☆64Updated 5 years ago
- A utility repo to assist with converting between MISP and STIX formats☆69Updated 4 years ago
- A Python library to help with some common threat hunting data analysis operations☆143Updated 2 years ago
- Zeek package to detect Zerologon☆11Updated 3 years ago
- Zeek Training Materials/Products☆40Updated this week
- ☆18Updated 10 months ago
- Specifications used in the MISP project including MISP core format☆52Updated 3 months ago
- TAXII client implementation from EclecticIQ☆103Updated 4 years ago
- Translate STIX 2 Patterning Queries☆31Updated 7 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- ☆29Updated 4 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Updated 2 years ago
- The FASTEST way to consume threat intel.☆69Updated 2 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 5 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆74Updated last year
- ☆15Updated 7 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Scripts for accessing and transforming cyber threat intelligence☆26Updated 9 years ago
- Volatility plugins developed and maintained by the community☆21Updated last year
- MineMeld nodes for MISP☆19Updated last year