fkie-cad / Logprep

Related projects: ⓘ

• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆28Updated 2 years ago
• csirt-tooling-org / csirt-tooling-best-practices
  CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
  ☆16Updated 2 years ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated 9 months ago
• DCSO / balboa
  server for indexing and querying passive DNS observations
  ☆44Updated 7 months ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆19Updated this week
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Updated 3 weeks ago
• bakirtzisg / cybok-cli
  A vulnerability assessment tool for system models
  ☆13Updated 2 years ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆32Updated this week
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆18Updated 8 years ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆15Updated 3 months ago
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆25Updated 6 months ago
• DevoInc / sightingdb
  Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen
  ☆16Updated 5 months ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• DCSO / MISP-dockerized
  ☆33Updated 4 years ago
• COSSAS / sacti
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆13Updated last year
• hashlookup / PyHashlookup
  Python CLI and module for CIRCL hash lookup
  ☆12Updated 3 months ago
• ace-ecosystem / ACE
  Analysis Correlation Engine
  ☆23Updated 2 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆29Updated this week
• devops-ia / helm-opencti
  Helm chart for Open Cyber Threat Intelligence Platform
  ☆11Updated this week
• ioc-fang / ioc-fanger
  Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
  ☆55Updated 11 months ago
• adulau / napkin-text-analysis
  Napkin is a simple tool to produce statistical analysis of a text
  ☆12Updated 6 months ago
• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆27Updated 4 years ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆14Updated 3 years ago
• csirt-tooling-org / tooling-directory
  Tools used by CSIRT and especially in the scope of CNW
  ☆14Updated 3 months ago
• google / picatrix
  Picatrix is a library designed to help security analysts in a notebook environment, such as colab or jupyter.
  ☆45Updated 2 months ago
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆82Updated this week
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated last year
• vfeedio / pyvfeed
  Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
  ☆94Updated last year
• stratosphereips / whois-similarity-distance
  This python scripts can calculate the WHOIS Similarity Distance between two given domains.
  ☆30Updated last year
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆46Updated last year