mytechnotalent / Zeek-Network-Security-MonitorLinks
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
☆63Updated 3 years ago
Alternatives and similar repositories for Zeek-Network-Security-Monitor
Users that are interested in Zeek-Network-Security-Monitor are comparing it to the libraries listed below
Sorting:
- Collection of walkthroughs on various threat hunting techniques☆75Updated 5 years ago
- This contains a list of Blue Team Tools that I use daily, and have stored here for reference.☆35Updated 8 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆37Updated 3 years ago
- ☆55Updated 3 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries☆49Updated 2 years ago
- ☆92Updated last week
- Tool used to perform threat intelligence against packet data☆36Updated 9 months ago
- an awesome list of active defense resources☆126Updated 5 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 5 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- Corelight@Home script☆45Updated 2 years ago
- ☆70Updated 4 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 5 years ago
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- Sharing Threat Hunting runbooks☆25Updated 6 years ago
- ☆77Updated 6 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Incident Response Network Tools☆24Updated 4 years ago
- Wrap any binary into a cached webserver☆56Updated 3 years ago
- A collection of tips for using MISP.☆74Updated 11 months ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆126Updated 7 months ago
- Repository of resources for configuring a Red Team SIEM using Elastic☆101Updated 7 years ago
- Collection of Dashboards for Threat Hunting and more!☆70Updated 5 years ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆40Updated 6 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆89Updated 2 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆59Updated 3 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆67Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆49Updated last year