Alternatives and similar repositories for pcap-did-what:

Users that are interested in pcap-did-what are comparing it to the libraries listed below

• lawndoc / Respotter
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆194Updated 3 months ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆168Updated 2 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated 8 months ago
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆189Updated 9 months ago
• grahamhelton / dredge
  Dredging up secrets from the depths of the file system
  ☆125Updated 5 months ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆72Updated 3 weeks ago
• vectra-ai-research / Halberd
  Halberd : Multi-Cloud Attack Platform
  ☆269Updated last week
• HackingLZ / IndicatorOfCanary
  Canary Detection
  ☆168Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆163Updated 3 months ago
• cisagov / parsnip
  ☆71Updated 2 months ago
• splunk / DECEIVE
  DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!
  ☆237Updated last month
• CERT-Polska / mailgoose
  A web application that allows the users to check whether their SPF, DMARC and DKIM configuration is set up correctly.
  ☆142Updated 2 weeks ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆51Updated 3 months ago
• fkkarakurt / reconic
  A Powerful Network Reconnaissance Tool for Security Professionals
  ☆100Updated 3 months ago
• arsolutioner / ExtensionHound
  A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…
  ☆162Updated 2 months ago
• Nirusu / how-to-setup-a-honeypot
  How to setup a honeypot with an IDS, ELK and TLS traffic inspection
  ☆158Updated 2 years ago
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆75Updated 3 weeks ago
• tsale / EDR-Telemetry-Website
  ☆74Updated 3 weeks ago
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆85Updated 4 months ago
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆250Updated last year
• vm32 / Digital-Forensics-Script-for-Linux
  Advanced Bash script designed for conducting digital forensics on Linux systems
  ☆141Updated last year
• grahamhelton / grahamhelton.github.io
  ☆40Updated 8 months ago
• referefref / honeydet
  Signature based honeypot detector tool written in Golang
  ☆89Updated last month
• JumpsecLabs / TokenSmith
  TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …
  ☆266Updated 3 months ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆91Updated 11 months ago
• caverav / auditforge
  AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
  ☆69Updated last week
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆139Updated 11 months ago
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆120Updated last year
• MalBeacon / what-is-this-stealer
  A repository of credential stealer formats
  ☆210Updated 3 weeks ago
• koreyhacks / VulnViper
  Web Server Vulnerability Scanning Tool
  ☆35Updated last month