corelight / detect-ransomware-filenamesView external linksLinks
☆18Dec 20, 2024Updated last year
Alternatives and similar repositories for detect-ransomware-filenames
Users that are interested in detect-ransomware-filenames are comparing it to the libraries listed below
Sorting:
- Zeek package to detect Zerologon☆11Nov 10, 2021Updated 4 years ago
- Zeek package for tracking long connections to report them before they have completed.☆31Nov 25, 2025Updated 2 months ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.☆19Aug 21, 2025Updated 5 months ago
- Log4j Exploit Detection Logic for Zeek☆19Nov 25, 2025Updated 2 months ago
- Plugin providing native AF_Packet support for Zeek.☆33Oct 22, 2025Updated 3 months ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Dockerized Zeek☆12Mar 9, 2024Updated last year
- Top DNS Measurement for Bro☆11Aug 22, 2020Updated 5 years ago
- Bro Detection Scripts☆10Mar 9, 2021Updated 4 years ago
- Extensions for Zeek's Intelligence Framework.☆11Mar 1, 2022Updated 3 years ago
- ☆22Aug 16, 2025Updated 5 months ago
- A fuzz demo for windows driver based on IoControlCode☆12May 25, 2018Updated 7 years ago
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Oct 15, 2020Updated 5 years ago
- Enables Zeek to communicate with Tenzir☆11Jul 20, 2023Updated 2 years ago
- line based tcp load balancing proxy.☆14Jun 18, 2024Updated last year
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- A simple way of detecting multithreaded exfiltration in Zeek.☆15May 1, 2025Updated 9 months ago
- Extract files from network traffic with Zeek.☆102Mar 17, 2020Updated 5 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆30Jun 11, 2024Updated last year
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Sep 16, 2024Updated last year
- Deploy multiple instances of Nessus in docker containers easily☆20Mar 31, 2021Updated 4 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 2 months ago
- Set your logs on fire with Emoji-🔥!☆15Oct 9, 2020Updated 5 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆36Jan 4, 2025Updated last year
- this nuclei template finds back up files☆22Aug 25, 2025Updated 5 months ago
- Zeek support for Community ID flow hashing.☆37Jul 11, 2023Updated 2 years ago
- IntelMQ Tutorial and Introductory Documentation☆15May 26, 2022Updated 3 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆23Oct 9, 2024Updated last year
- ☆21Oct 16, 2021Updated 4 years ago
- Kerberos Haters Guide to Zeek Threat Hunting☆34Oct 14, 2021Updated 4 years ago
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol☆25May 30, 2024Updated last year
- Validate if afpacket PACKET_FANOUT_HASH is working properly☆25May 19, 2022Updated 3 years ago
- ☆11Sep 26, 2021Updated 4 years ago
- A windbg extension for ASLR/DEP/SafeSEH check☆28May 19, 2018Updated 7 years ago
- DHCP Fingerprinting☆31Dec 15, 2020Updated 5 years ago
- Bro script package to create JSON formatted logs to stream into data analysis systems.☆30Dec 3, 2025Updated 2 months ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago