mytechnotalent / Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
☆62Updated 2 years ago
Alternatives and similar repositories for Zeek-Network-Security-Monitor:
Users that are interested in Zeek-Network-Security-Monitor are comparing it to the libraries listed below
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- This contains a list of Blue Team Tools that I use daily, and have stored here for reference.☆33Updated 7 years ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 6 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 4 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 3 years ago
- Wrap any binary into a cached webserver☆53Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- The Fastest way to consume Threat Intel☆25Updated 2 years ago
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- Automatic detection engineering technical state compliance☆55Updated 9 months ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆77Updated 2 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file☆24Updated 2 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- automate your MISP installs☆67Updated 4 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆24Updated 5 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- Searches for Insider Threat Hunting☆31Updated 5 years ago
- Tool used to perform threat intelligence against packet data☆35Updated 2 months ago
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- ☆53Updated last week
- ☆51Updated 3 years ago
- misp-cloud - Cloud-ready images of MISP☆72Updated 2 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 4 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated 3 months ago