corelight / ripple20
A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
☆33Updated 2 years ago
Alternatives and similar repositories for ripple20:
Users that are interested in ripple20 are comparing it to the libraries listed below
- Bro integration with osquery☆15Updated 2 years ago
- A CLI tool for querying passive DNS services☆41Updated last year
- Cybersecurity Incidents Mind Maps☆33Updated 3 years ago
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- This module detects HTTP requests that are non RFC compliant and used for smuggling☆12Updated 2 years ago
- Python 3 library to request https://crt.sh/☆31Updated 3 months ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- The Fastest way to consume Threat Intel☆25Updated 2 years ago
- ☆35Updated last year
- Pulse Secure SSL VPN pre-auth file reading☆50Updated 5 years ago
- CVE2020-0796 SMBv3 RCE☆61Updated 5 years ago
- Presentations from the CX Security Labs team☆33Updated 5 months ago
- A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.☆51Updated 6 years ago
- Tweettioc Splunk App☆20Updated 4 years ago
- Historical list of {Cobalt Strike,NanoHTTPD} servers☆121Updated 5 years ago
- WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middlew…☆32Updated 4 years ago
- ☆53Updated 6 years ago
- Suricata rule and intel index☆31Updated last week
- ATT&CK Evaluations website (DEPRECATED)☆59Updated 3 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Black Hat EU 2018 - Don't Eat Spaghetti with a Spoon - An Analysis of the Practical Value of Threat Intelligence☆22Updated 6 years ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated 2 weeks ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆77Updated 2 years ago
- Explore Indicators of Compromise Automatically☆94Updated 5 years ago
- A repository for OSSEC rules and decoders☆54Updated last year
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆123Updated 3 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆24Updated 5 years ago
- ☆37Updated last year
- A web-based tool to assist the work of the intuitive threat analysts.☆112Updated 6 years ago