gchq / event-logging-schemaLinks
Event Logging is an XML Schema for describing the auditable events generated by computer systems, hardware devices and access control systems
☆26Updated 4 months ago
Alternatives and similar repositories for event-logging-schema
Users that are interested in event-logging-schema are comparing it to the libraries listed below
Sorting:
- Content for Stroom such as XML Schemas, translations, pipelines and dashboards☆10Updated 2 months ago
- Potiron - Normalize, Index and Visualize Network Capture☆88Updated 6 years ago
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop☆14Updated 2 months ago
- CARET - A tool for viewing cyber analytic relationships☆55Updated 5 years ago
- Specifications used in the MISP project including MISP core format☆51Updated last month
- A Java JAXB library for generating events conforming to the Event Logging XML Schema☆17Updated last year
- gaffer-tools is deprecated. Use https://github.com/gchq/gafferpy instead☆50Updated last year
- You're busted!☆26Updated 5 years ago
- pcapdj - dispatch pcap files☆46Updated 5 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 10 months ago
- Homographs: brutefind homographs within a font☆19Updated 8 years ago
- Tools to assist in forensicating docker☆84Updated 5 months ago
- D4 core software (server and sample sensor client)☆42Updated last year
- This is a hash parser that will export a rc file compatible with Metasploit. This is useful when compromising a separate domain and want …☆22Updated 10 years ago
- ☆36Updated 4 years ago
- Best practices in threat intelligence☆48Updated 2 years ago
- This python scripts can calculate the WHOIS Similarity Distance between two given domains.☆29Updated 2 years ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- Things to know when DFIR occurs near a vault deployment.☆43Updated 7 years ago
- Hosted analyzers built for Grapl☆14Updated 2 years ago
- Repository for the OWASP/WASC Distributed Web Honeypots Project -☆33Updated 10 years ago
- This repository is a curated list of pro bono incident response entities.☆21Updated 2 years ago
- A developer-friendly framework for exhaustive analysis of (PCAP and PE) files.☆15Updated 7 years ago
- DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text fil…☆78Updated last year
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen☆16Updated last year
- A Spicy protocol analyzer for WireGuard☆29Updated 5 years ago
- Passive Network Audit Framework☆32Updated 7 years ago
- Using osquery for Mass Incident Detection & Response☆19Updated 9 years ago
- Passive DHCP fingerprinting implementation☆51Updated 9 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.☆20Updated 6 years ago