mytechnotalent / Zeek-Network-Security-Monitor
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
☆61 · Updated last year

Related projects:

- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (☆32, updated 2 years ago)
- Collection of walkthroughs on various threat hunting techniques (☆73, updated 4 years ago)
- Threat Detection & Anomaly Detection rules for popular open-source components (☆49, updated 2 years ago)
- Repository for SPEED SIEM Use Case Framework (☆52, updated 4 years ago)
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator (☆83, updated last year)
- Wrap any binary into a cached webserver (☆53, updated 2 years ago)
- A community event for security researchers to share their favorite notebooks (☆105, updated 7 months ago)
- Library of threat hunts to get any user started! (☆40, updated 4 years ago)
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform (☆37, updated 2 years ago)
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. (☆106, updated 4 years ago)
- Incident response teams usually work on offline data, collecting the evidence and then analyzing it (☆44, updated 2 years ago)
- misp-cloud - Cloud-ready images of MISP (☆70, updated 2 years ago)
- Searches for Insider Threat Hunting (☆30, updated 5 years ago)
- Automate your MISP installs (☆66, updated 4 years ago)
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) (☆64, updated 6 years ago)
- Sharing Threat Hunting runbooks (☆24, updated 5 years ago)
- Best practices in threat intelligence (☆46, updated last year)
- Collection of Jupyter Notebooks for Threat Hunting and Blue Team purposes (☆18, updated 2 years ago)
- Run Velociraptor on Security Onion (☆34, updated 2 years ago)
- Repository with sample threat hunting notebooks on Security Event Log data sources (☆57, updated last year)
- Import specific data sources into the Sigma generic and open signature format. (☆77, updated 2 years ago)
- Repo of Python/Bash scripts for identifying IoCs in threat feeds and other online tools (☆26, updated 4 years ago)
- This repository hosts community-contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) (☆29, updated 8 months ago)
- A collection of tips for using MISP. (☆74, updated 5 months ago)
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" JSON files. (☆34, updated 2 years ago)