microsoft / ms-zeek

Related projects: ⓘ

• theparanoids / spicy-noise
  A Spicy protocol analyzer for WireGuard
  ☆27Updated 4 years ago
• nccgroup / KilledProcessCanary
  A canary designed to minimize the impact from certain Ransomware actors
  ☆98Updated 3 years ago
• RomelSan / hackers-dont-give-a-shit
  Hackers Don't Give A Shit
  ☆14Updated 4 years ago
• Aldenar / salt-malware-sources
  Source files found after a recent hack of one of my machines, showing how the infection spreads itself and what it does, useful for analy…
  ☆13Updated 4 years ago
• CyberSift / OSQUERY-PACKS
  Osquery Packs we use for customer security hardening
  ☆12Updated 6 months ago
• turbot / steampipe-plugin-virustotal
  Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.
  ☆22Updated last week
• osresearch / jumphost
  ssh jump host appliance
  ☆25Updated 2 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆37Updated 2 years ago
• spyx / SysmonGrahp
  ☆14Updated 3 years ago
• c-skills / passport
  ☆19Updated last week
• SentineLabs / log4j_response
  ☆15Updated 2 years ago
• f5devcentral / cve-2020-5902-ioc-bigip-checker
  ☆17Updated 4 years ago
• hvs-consulting / ioc_signatures
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆31Updated 3 weeks ago
• limbenjamin / nTimetools
  Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
  ☆43Updated 3 years ago
• D4-project / passive-ssh
  A Passive SSH back-end and scanner.
  ☆102Updated 3 months ago
• rolando-anton / packer-disposable-windows
  A packer project to generate Windows EVAL images to use it on test / dev / hack / IR labs
  ☆24Updated 3 years ago
• Neo23x0 / Rewind
  Immediate Virus Infection Counter Measures
  ☆62Updated 3 years ago
• huntandhackett / Antignis
  Source code and examples for Antignis
  ☆36Updated last year
• AGWA / whoarethey
  Determine Who Can Log In to an SSH Server
  ☆27Updated last year
• antitree / keyctl-unmask
  Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.
  ☆43Updated last year
• ForensicITGuy / libpreloadvaccine
  Whitelisting LD_PRELOAD libraries using LD_AUDIT
  ☆60Updated 2 years ago
• tenzir / dockerized-zeek
  Dockerized Zeek
  ☆10Updated 6 months ago
• cedricbonhomme / freshermeat
  An open source software directory and release tracker.
  ☆22Updated last month
• adobe / libLOL
  ☆45Updated 5 months ago
• 0x3a / ipwrangle
  Expand CIDRs or wrangle a list of IPs back to its smallest CIDR blocks possible
  ☆10Updated 4 years ago
• dustinmoris / ThreatModellingGame
  ☆14Updated this week
• olafhartong / sysmon-parser
  Automatically generated Sysmon parser for Azure Sentinel
  ☆14Updated this week
• kindredgroup / paf-credentials-checker
  PCC's aim is to provide a high performing offline tool to easily assess which users are vulnerable to Password Reuse Attacks (a.k.a. Pass…
  ☆18Updated 4 years ago
• airbus-cert / cacdec
  The hidden mstsc recorder player
  ☆28Updated 4 years ago
• usbarmory / armory-drive
  F-Secure Armory Drive - USB encrypted drive with mobile unlock over BLE
  ☆54Updated 11 months ago