Alternatives and similar repositories for Zeek-Network-Security-Monitor

Users that are interested in Zeek-Network-Security-Monitor are comparing it to the libraries listed below

• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆76Updated 5 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆38Updated 3 years ago
• adhdproject / awesome-active-defense
  an awesome list of active defense resources
  ☆129Updated 5 years ago
• alph4w0lf / LokiX
  Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks
  ☆25Updated 5 years ago
• shr3ddersec / ThreatHunting
  Reference sheet for Threat Hunting Professional Course
  ☆26Updated 6 years ago
• dcarlin / Blue-Team-Tools
  This contains a list of Blue Team Tools that I use daily, and have stored here for reference.
  ☆34Updated 8 years ago
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆57Updated 3 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆46Updated last year
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Updated 4 years ago
• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆36Updated last year
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 6 years ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 5 years ago
• corelight / threat-hunting-guide
  ☆58Updated 3 years ago
• MISP / threat-actor-intelligence-server
  A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…
  ☆50Updated 5 months ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 5 years ago
• NettleSec / TriOp
  Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries
  ☆52Updated 3 years ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆91Updated 3 years ago
• sans-blue-team / sec530-wiki
  ☆56Updated 4 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆51Updated last year
• Security-Onion-Solutions / securityonion-docs
  ☆95Updated 2 weeks ago
• StevenD33 / Lab-DFIR-SOC
  ☆69Updated 4 years ago
• corelight / raspi-corelight
  Corelight@Home script
  ☆45Updated 2 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆75Updated last year
• sans-blue-team / sec555-wiki
  ☆77Updated 6 years ago
• SecurityNik / SUWtHEh-
  Learning by Practising - Hack & Detect - A Practical Guide to Hacking and its Detection via network forensics
  ☆77Updated 2 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Updated 4 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 4 years ago
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 5 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆58Updated 5 years ago
• ReconInfoSec / graylog2thehive
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Updated 5 years ago