Bro PCAP Processing and Tagging API
☆28Nov 9, 2017Updated 8 years ago
Alternatives and similar repositories for brocapi
Users that are interested in brocapi are comparing it to the libraries listed below
Sorting:
- Bro analyzer that detects Google's QUIC protocol☆10Mar 2, 2021Updated 4 years ago
- PacketSled's Bro AMQP Writer Plugin☆11Aug 5, 2016Updated 9 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.☆17Nov 29, 2017Updated 8 years ago
- ☆18Jun 8, 2018Updated 7 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- Bro/Zeek integration with osquery☆93Nov 2, 2020Updated 5 years ago
- Zeek network security monitor plugin that enables parsing of the Profinet protocol☆30May 30, 2024Updated last year
- Python emulator for Excel XLM macros.☆18May 25, 2020Updated 5 years ago
- Simple IP enrichment service and API wrapping PyASN and MaxMind GeoIP.☆71Dec 8, 2022Updated 3 years ago
- Script for generating Bro intel files from pdf or html reports☆77Dec 7, 2015Updated 10 years ago
- ☆24Aug 30, 2019Updated 6 years ago
- Logging plugin to bro to send logs to a Kafka broker☆20Nov 29, 2017Updated 8 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.☆12Jun 18, 2021Updated 4 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Jul 13, 2018Updated 7 years ago
- Security Onion Elastic Stack☆46Feb 1, 2021Updated 5 years ago
- An extensible honeypot framework☆95Jul 15, 2022Updated 3 years ago
- ☆23Jul 7, 2023Updated 2 years ago
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- ☆25Aug 14, 2015Updated 10 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Library for Object Linking and Embedding (OLE) data types☆12Nov 27, 2025Updated 3 months ago
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place☆10Aug 26, 2018Updated 7 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards☆46May 30, 2024Updated last year
- Development guide for Volatility Plugins☆22Sep 6, 2017Updated 8 years ago
- A framework that correlates Bro events☆18Oct 25, 2013Updated 12 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- Wireshark dissector for wirelessHART☆13Aug 2, 2017Updated 8 years ago
- ☆11Mar 12, 2021Updated 4 years ago
- Simple packet dissector that detects anomalous DNP3 traffic by analysing its parameters☆15Jan 12, 2016Updated 10 years ago
- Extracts indicators of compromise (IOCs), including domain names, IPv4 addresses, email addresses, and hashes, from text.☆11Dec 10, 2017Updated 8 years ago
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- Base64 Mutator☆13Feb 13, 2021Updated 5 years ago
- IEC104 Client for Metasploit☆11Aug 6, 2018Updated 7 years ago
- A collection of my public YARA signatures for various malware families☆30Sep 20, 2024Updated last year
- Bro Intel Feed Linter☆26Aug 30, 2019Updated 6 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆449Jan 16, 2024Updated 2 years ago
- Pure Python parser for data encoded by .NET's BinaryFormatter☆54Sep 4, 2018Updated 7 years ago