defensivedepth / WinTAP
Mirror network traffic from one interface to another on Windows
☆25Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for WinTAP
- ☆20Updated 4 years ago
- ☆15Updated 6 years ago
- Endpoint monitoring stack.☆18Updated 9 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 7 years ago
- A virtual MediaWiki development environment, built on Vagrant, VirtualBox, and Puppet.☆16Updated 7 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- ☆15Updated 7 months ago
- The Auditd Framework logs and applies security policy to linux auditd data☆15Updated 6 years ago
- Bro PCAP Processing and Tagging API☆28Updated 7 years ago
- Detect Phishing with Bro IDS☆18Updated 7 years ago
- ☆18Updated last year
- Event Log Analysis Tools☆29Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆35Updated 8 years ago
- Scripts to query local admins quickly☆9Updated 8 years ago
- Malice Yara Plugin☆30Updated 5 years ago
- SQL scripts for querying event logs☆21Updated 7 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆34Updated 4 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 3 years ago
- Scan web server for known webshell names and responses☆50Updated 8 years ago
- Detect malicious domain, Blablablablabla☆26Updated 7 years ago
- API Tools☆27Updated 8 years ago
- ☆12Updated 5 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Updated 7 years ago
- A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.☆31Updated last month
- Server for receiving autorun data from the clients☆13Updated 7 years ago
- Proof-of-concept that makes a guess at what applications are being tunneled through an SSH session. It works primarily by analyzing packe…☆10Updated 11 years ago
- Volatility memory forensics plugin for extracting Windows DNS Cache☆29Updated 7 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆22Updated last year
- A collection of Yara rules I have created so far☆16Updated 4 years ago