mytechnotalent / Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that covers the basics of standing up a Zeek instance on your network, the hardware and setup it requires, and finally some examples of how you can use the power of Zeek to have absolute control over your network.
☆63 · Updated last month
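The tutorial's own examples are not reproduced on this page, so the following is an added, stand-alone example (not code from the Zeek-Network-Security-Monitor repository): a Python parser for Zeek's native tab-separated logs that honours the `#separator`, `#set_separator`, `#unset_field`, `#empty_field`, `#fields` and `#types` header directives, followed by a simple port-scan heuristic and a per-host byte summary run over the parsed `conn.log` rows. The embedded log lines are constructed by hand, and the set of "failed" connection states and the five-port threshold are assumptions chosen for illustration, not Zeek defaults.

```python
"""Parse Zeek's tab-separated conn.log and flag basic port-scan behaviour.

Added example, not code from the Zeek-Network-Security-Monitor tutorial.
The sample log, FAILED_STATES and SCAN_MIN_PORTS are constructed
assumptions chosen for illustration.
"""
from collections import defaultdict

# Constructed sample in Zeek's native TSV layout: a '#separator' line, then
# tab-separated header directives, a '#fields' / '#types' pair, data rows
# ('-' marks an unset field) and a trailing '#close'.
SAMPLE_CONN_LOG = """\
#separator \\x09
#set_separator\t,
#empty_field\t(empty)
#unset_field\t-
#path\tconn
#open\t2023-11-14-22-13-19
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tduration\torig_bytes\tresp_bytes\tconn_state\thistory\ttunnel_parents
#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tstring\tinterval\tcount\tcount\tstring\tstring\tset[string]
1700000000.100000\tCabc1\t10.0.0.5\t50001\t10.0.0.20\t22\ttcp\tssh\t12.5\t1460\t2048\tSF\tShAdDaFf\t-
1700000001.000000\tCabc2\t10.0.0.5\t50002\t10.0.0.20\t443\ttcp\tssl\t3.2\t900\t5120\tSF\tShAdDaFf\t-
1700000002.000000\tCabc3\t10.0.0.5\t50003\t10.0.0.1\t53\tudp\tdns\t0.01\t60\t120\tSF\tDd\t-
1700000003.000000\tCabc4\t10.0.0.9\t41000\t10.0.0.20\t21\ttcp\t-\t-\t-\t-\tS0\tS\t-
1700000003.010000\tCabc5\t10.0.0.9\t41001\t10.0.0.20\t22\ttcp\t-\t-\t-\t-\tS0\tS\t-
1700000003.020000\tCabc6\t10.0.0.9\t41002\t10.0.0.20\t23\ttcp\t-\t-\t-\t-\tREJ\tSr\t-
1700000003.030000\tCabc7\t10.0.0.9\t41003\t10.0.0.20\t25\ttcp\t-\t-\t-\t-\tREJ\tSr\t-
1700000003.040000\tCabc8\t10.0.0.9\t41004\t10.0.0.20\t80\ttcp\t-\t-\t-\t-\tS0\tS\t-
1700000003.050000\tCabc9\t10.0.0.9\t41005\t10.0.0.20\t443\ttcp\t-\t-\t-\t-\tS0\tS\t-
#close\t2023-11-14-22-13-20
"""


def _convert(value, ztype, unset, empty, set_sep):
    """Turn one TSV cell into a Python value according to its Zeek type."""
    if value == unset:
        return None
    if ztype.startswith(("set[", "vector[")):
        return [] if value == empty else value.split(set_sep)
    if ztype in ("time", "interval", "double"):
        return float(value)
    if ztype in ("count", "int", "port"):
        return int(value)
    if ztype == "bool":
        return value == "T"
    return value  # string, addr, enum, subnet: keep as text


def parse_zeek_tsv(text):
    """Parse one Zeek TSV log into a list of dicts keyed by field name."""
    sep, set_sep, unset, empty = "\t", ",", "-", "(empty)"
    fields = types = None
    rows = []
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#separator "):
            # Zeek writes the separator escaped (e.g. \x09); decode it.
            sep = line.split(" ", 1)[1].encode().decode("unicode_escape")
            continue
        if line.startswith("#"):
            key, _, value = line[1:].partition(sep)
            if key == "set_separator":
                set_sep = value
            elif key == "unset_field":
                unset = value
            elif key == "empty_field":
                empty = value
            elif key == "fields":
                fields = value.split(sep)
            elif key == "types":
                types = value.split(sep)
            continue  # #path, #open, #close carry no row data
        if fields is None or types is None:
            raise ValueError("data row seen before #fields/#types header")
        cells = line.split(sep)
        if len(cells) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(cells)}: {line!r}")
        rows.append({name: _convert(cell, ztype, unset, empty, set_sep)
                     for name, ztype, cell in zip(fields, types, cells)})
    return rows


# TCP conn_state values where the handshake never completed (no reply,
# rejected, or half-open variants). Treating all of them as "failed
# connection attempts" is a heuristic choice for this example, not a Zeek rule.
FAILED_STATES = {"S0", "REJ", "RSTOS0", "RSTRH", "SH", "SHR"}
SCAN_MIN_PORTS = 5  # assumed threshold per source/destination pair


def find_port_scanners(rows, min_ports=SCAN_MIN_PORTS):
    """Return {(orig_h, resp_h): [ports]} for pairs with many failed TCP connects."""
    failed = defaultdict(set)
    for r in rows:
        if r["proto"] == "tcp" and r["conn_state"] in FAILED_STATES:
            failed[(r["id.orig_h"], r["id.resp_h"])].add(r["id.resp_p"])
    return {pair: sorted(ports) for pair, ports in failed.items() if len(ports) >= min_ports}


def bytes_by_originator(rows):
    """Sum orig_bytes per source host, treating unset ('-') as zero."""
    totals = defaultdict(int)
    for r in rows:
        totals[r["id.orig_h"]] += r["orig_bytes"] or 0
    return dict(totals)


if __name__ == "__main__":
    conn = parse_zeek_tsv(SAMPLE_CONN_LOG)
    print(f"{len(conn)} connections parsed")
    for (src, dst), ports in find_port_scanners(conn).items():
        print(f"possible scan: {src} -> {dst} ports {ports}")
    print("bytes sent per originator:", bytes_by_originator(conn))
```

Reading the header directives instead of hard-coding tab and `-` matters in practice: Zeek's `#unset_field` and `#empty_field` differ (`-` versus `(empty)`), and a parser that treats both as the same string silently turns "no value recorded" into "empty set". To run it against a real capture, replace `SAMPLE_CONN_LOG` with the contents of a `conn.log` produced by `zeek -r file.pcap`.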
Alternatives and similar repositories for Zeek-Network-Security-Monitor
Users interested in Zeek-Network-Security-Monitor are comparing it to the repositories listed below.
- Collection of walkthroughs on various threat hunting techniques ☆76 · Updated 5 years ago
- This contains a list of Blue Team Tools that I use daily, and have stored here for reference. ☆34 · Updated 8 years ago
- ☆56 · Updated 3 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac… ☆95 · Updated 4 years ago
- A MITRE ATT&CK Lookup Tool ☆46 · Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆38 · Updated 3 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks ☆25 · Updated 5 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility. ☆33 · Updated 2 years ago
- an awesome list of active defense resources ☆127 · Updated 5 years ago
- Tool used to perform threat intelligence against packet data ☆36 · Updated 11 months ago
- Learning by Practising - Hack & Detect - A Practical Guide to Hacking and its Detection via network forensics ☆76 · Updated 2 years ago
- ☆70 · Updated 4 years ago
- A collection of tips for using MISP. ☆75 · Updated last year
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator ☆90 · Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. ☆32 · Updated 5 years ago
- Wrap any binary into a cached webserver ☆56 · Updated 3 years ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy a large number of different queries ☆51 · Updated 2 years ago
- Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati… ☆38 · Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ☆49 · Updated last year
- A simple ReST server to look up threat actors (by name, synonym or UUID) and return the corresponding MISP galaxy information about the… ☆50 · Updated 4 months ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ☆80 · Updated 2 months ago
- ☆44 · Updated 5 months ago
- This repository is for the vagrant instances of VulnHub machines ☆46 · Updated last year
- ☆77 · Updated 6 years ago
- Sharing Threat Hunting runbooks ☆25 · Updated 6 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases. ☆45 · Updated 5 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources. ☆35 · Updated 3 years ago
- ☆55 · Updated 4 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file ☆24 · Updated 3 years ago
- ☆11 · Updated 4 years ago