corelight / top-dns
Top DNS Measurement for Bro
☆11Updated 4 years ago
Alternatives and similar repositories for top-dns:
Users that are interested in top-dns are comparing it to the libraries listed below
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆34Updated 4 years ago
- scan-detection policies for bro☆16Updated 3 months ago
- Detect Phishing with Bro IDS☆18Updated 8 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- ☆14Updated last year
- Security Onion Elastic Stack☆46Updated 4 years ago
- ☆12Updated 5 years ago
- Bro PCAP Processing and Tagging API☆28Updated 7 years ago
- Bro Intel Feed Linter☆26Updated 5 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- My personal experience in Threat Hunting and knowledge gained so far.☆19Updated 7 years ago
- A collection of bro_scripts and signatures☆26Updated 5 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Updated 7 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- ☆16Updated 4 months ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 4 years ago
- Add POST body excerpt to Bro's HTTP log☆14Updated 11 months ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 7 years ago
- Cyber Intel Management☆48Updated 7 years ago
- brocon-15 scripts☆13Updated 8 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Updated 8 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 10 months ago
- Use DNS to hunt for threats including DGAs☆15Updated 9 years ago
- Collection of bro scripts☆9Updated 9 years ago