Alternatives and similar repositories for Zeek-Network-Security-Monitor

Users that are interested in Zeek-Network-Security-Monitor are comparing it to the libraries listed below

• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• shr3ddersec / ThreatHunting
  Reference sheet for Threat Hunting Professional Course
  ☆25Updated 6 years ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆26Updated 5 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆45Updated 3 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆78Updated 3 years ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• weslambert / securityonion-misp
  ☆35Updated 4 years ago
• SecurityNik / pktIntel
  Tool used to perform threat intelligence against packet data
  ☆35Updated 5 months ago
• corelight / threat-hunting-guide
  ☆51Updated 3 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆78Updated 2 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆57Updated 3 years ago
• csirtgadgets / verbose-robot
  The Fastest way to consume Threat Intel
  ☆25Updated 3 years ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆27Updated 4 years ago
• dcarlin / Blue-Team-Tools
  This contains a list of Blue Team Tools that I use daily, and have stored here for reference.
  ☆34Updated 7 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆24Updated 3 years ago
• securitydistractions / elastimispstash
  ☆29Updated 4 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆32Updated 6 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆52Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago
• Acheron-VAF / Acheron
  Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.
  ☆32Updated 2 years ago
• PolitoInc / ELK-Hunting
  Threat Hunting with ELK Workshop (InfoSecWorld 2017)
  ☆66Updated 7 years ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆73Updated 2 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆55Updated 5 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 4 years ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆107Updated last year
• MarkBaggett / apiify
  Wrap any binary into a cached webserver
  ☆53Updated 3 years ago