mytechnotalent / Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
☆61 · Updated 2 years ago
Alternatives and similar repositories for Zeek-Network-Security-Monitor:
Users that are interested in Zeek-Network-Security-Monitor are comparing it to the libraries listed below
- Library of threat hunts to get any user started! ☆42 · Updated 4 years ago
- Collection of walkthroughs on various threat hunting techniques ☆75 · Updated 4 years ago
- Wrap any binary into a cached webserver ☆53 · Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆50 · Updated 2 years ago
- ☆48 · Updated 2 years ago
- Tool used to perform threat intelligence against packet data ☆35 · Updated 3 weeks ago
- This contains a list of Blue Team Tools that I use daily, and have stored here for reference. ☆33 · Updated 7 years ago
- Reference sheet for Threat Hunting Professional Course ☆25 · Updated 5 years ago
- Repository for SPEED SIEM Use Case Framework ☆53 · Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆34 · Updated 2 years ago
- A collection of tips for using MISP. ☆74 · Updated 2 months ago
- A community event for security researchers to share their favorite notebooks ☆107 · Updated last year
- A curated list of Awesome Threat Intelligence resources ☆47 · Updated 6 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. ☆51 · Updated 2 years ago
- Incident response teams usually work on offline data, collecting the evidence and then analyzing it ☆44 · Updated 3 years ago
- A curated list of FOSS software appliances for building a SOC ☆18 · Updated 4 years ago
- Converting data from services like Censys and Shodan to a common data model ☆49 · Updated 5 months ago
- Run zeek with zeekctl in docker ☆51 · Updated 5 months ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac… ☆95 · Updated 3 years ago
- ☆29 · Updated 4 years ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy a large number of different queries ☆48 · Updated 2 years ago
- Simple webapp for converting Sigma rules into SIEM queries using the pySigma library ☆47 · Updated last year
- Import specific data sources into the Sigma generic and open signature format. ☆77 · Updated 2 years ago
- ☆34 · Updated 4 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator ☆85 · Updated 2 years ago
- Automatic detection engineering technical state compliance ☆54 · Updated 7 months ago
- Repo of python/bash scripts for identifying IoCs in threat feeds and other online tools ☆26 · Updated 4 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. ☆32 · Updated 5 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… ☆94 · Updated 2 years ago
- The FASTEST way to consume threat intel. ☆67 · Updated last year