brosquery: module for osquery to load Bro logs into tables
☆28 · Apr 28, 2015 · Updated 10 years ago
Alternatives and similar repositories for brosquery
Users that are interested in brosquery are comparing it to the libraries listed below.
- Logging plugin to bro to send logs to a Kafka broker ☆20 · Nov 29, 2017 · Updated 8 years ago
- Dockerfiles for NSM tools ☆84 · Apr 14, 2017 · Updated 8 years ago
- (OBSOLETE) Plugins for Bro ☆53 · Sep 13, 2017 · Updated 8 years ago
- Bro/Zeek integration with osquery ☆93 · Nov 2, 2020 · Updated 5 years ago
- Zeek package to generate a SMB client fingerprint ☆27 · May 5, 2020 · Updated 5 years ago
- Extensions for Zeek's Intelligence Framework. ☆11 · Mar 1, 2022 · Updated 3 years ago
- Summit Route End Point Protection - Server code ☆11 · Apr 10, 2016 · Updated 9 years ago
- Bro scripts written by CrowdStrike Services ☆148 · May 3, 2021 · Updated 4 years ago
- Haskell parser for the REIL intermediate language (currently a work-in-progress) ☆11 · Jan 12, 2018 · Updated 8 years ago
- Broctl plugin for automatically executing 'setcap' on each node after an install ☆13 · Dec 18, 2020 · Updated 5 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark ☆449 · Jan 16, 2024 · Updated 2 years ago
- Remotely collect linux live forensics artifacts. ☆14 · Jul 8, 2022 · Updated 3 years ago
- Summit Route End Point Protection - Client code ☆16 · Apr 10, 2016 · Updated 9 years ago
- Web based analysis platform for use with the AWS_IR command line tool. ☆17 · Aug 4, 2016 · Updated 9 years ago
- Flow-based SSH intrusion detection system (NfSen plugin) ☆41 · Dec 10, 2015 · Updated 10 years ago
- Site for IWS book content ☆17 · Oct 28, 2018 · Updated 7 years ago
- Crypto library showing how to use NaCl and libsodium to encrypt and decrypt messages securely. ☆24 · Mar 2, 2014 · Updated 11 years ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a… ☆21 · Oct 25, 2023 · Updated 2 years ago
- OSSEC Decoder & Rulesets for Sysmon Events ☆15 · Jul 23, 2015 · Updated 10 years ago
- Low budget VirusTotal Intelligence Cosplay ☆20 · Jan 6, 2022 · Updated 4 years ago
- Beholder is a shell script which installs and configures essentials to peer into your network activity. ☆19 · Jun 19, 2017 · Updated 8 years ago
- Python module for evaluation of AWS account best practices around incident handling readiness. ☆55 · Jun 26, 2020 · Updated 5 years ago
- My Quick Note of BlackHat 2015 Arsenal ☆26 · Aug 13, 2015 · Updated 10 years ago
- It's like a polaroid, but for domains ☆24 · Feb 6, 2015 · Updated 11 years ago
- Splunk Boss of the SOC v1 data set. ☆113 · Jun 13, 2018 · Updated 7 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch ☆61 · Feb 20, 2017 · Updated 9 years ago
- This Python script can calculate the WHOIS Similarity Distance between two given domains. ☆29 · Dec 8, 2022 · Updated 3 years ago
- A command line tool to get a report of sensu checks for a host into your console. Great for putting in your MOTD! ☆34 · Nov 4, 2015 · Updated 10 years ago
- Tool to gather Threat Intelligence indicators from publicly available sources ☆658 · Mar 14, 2019 · Updated 6 years ago
- an osquery fleet manager ☆620 · Dec 8, 2022 · Updated 3 years ago
- A collection of bro_scripts and signatures ☆27 · Jun 26, 2019 · Updated 6 years ago
- Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS ☆184 · Sep 13, 2022 · Updated 3 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆35 · Feb 2, 2022 · Updated 4 years ago
- integrating bro into yara ☆33 · Dec 9, 2014 · Updated 11 years ago
- A search command for Splunk which will allow you to search Elastic Search and display the results in the Splunk GUI ☆70 · Aug 10, 2025 · Updated 6 months ago
- Protocol Analysis/Decoder Framework ☆497 · Dec 19, 2022 · Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. ☆32 · Jan 1, 2020 · Updated 6 years ago
- Bro scripts to be shared with the community ☆110 · Mar 6, 2013 · Updated 12 years ago
- Python library for Cymon.io APIs ☆32 · Jan 3, 2017 · Updated 9 years ago