mytechnotalent / Zeek-Network-Security-MonitorLinks
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
☆62Updated 2 years ago
Alternatives and similar repositories for Zeek-Network-Security-Monitor
Users that are interested in Zeek-Network-Security-Monitor are comparing it to the libraries listed below
Sorting:
- Collection of walkthroughs on various threat hunting techniques☆75Updated 5 years ago
- Tool used to perform threat intelligence against packet data☆35Updated 6 months ago
- This contains a list of Blue Team Tools that I use daily, and have stored here for reference.☆34Updated 7 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 4 years ago
- ☆51Updated 3 years ago
- Wrap any binary into a cached webserver☆53Updated 3 years ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 6 years ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries☆49Updated 2 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- an awesome list of active defense resources☆124Updated 5 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆27Updated 5 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- A collection of tips for using MISP.☆74Updated 7 months ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Corelight@Home script☆42Updated last year
- A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…☆49Updated last year
- ☆55Updated 4 years ago
- Learning by Practising - Hack & Detect - A Practical Guide to Hacking and its Detection via network forensics☆78Updated last year
- Incident Response Network Tools☆24Updated 4 years ago
- ☆68Updated 4 years ago
- Run Velociraptor on Security Onion☆39Updated 3 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- Sharing Threat Hunting runbooks☆26Updated 6 years ago
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- ☆77Updated 6 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆26Updated 4 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆146Updated last year
- Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…☆37Updated last year
- Automatic detection engineering technical state compliance☆55Updated last year