packetsifter / packetsifterTool
PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Packetsifter accepts a pcap as an argument and outputs several files.
☆93Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for packetsifterTool
- ☆41Updated 7 months ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries☆44Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆57Updated 2 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…☆18Updated 2 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆65Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆64Updated last week
- ☆79Updated last year
- PlasmaPup is designed to help central and departmental IT personnel understand their exposures in Active Directory by showing which accou…☆27Updated 7 months ago
- Passive OS detection based on SYN packets without Transmitting any Data☆45Updated last year
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆56Updated last week
- Automatic detection engineering technical state compliance☆50Updated 4 months ago
- Active C2 IoCs☆96Updated last year
- Script to test NetSec capabilities.☆21Updated last year
- gundog - guided hunting in Microsoft Defender☆52Updated 3 years ago
- Automatic Sender Policy Framework Reconnaissance☆18Updated 6 years ago
- My conference presentations☆66Updated last year
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- ☆46Updated 2 years ago
- Virtual Security Operations Center☆49Updated last year
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆60Updated 7 months ago
- nse script to inject jndi payloads☆45Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 3 weeks ago
- ☆37Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- Carbon Black Response IR tool☆53Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 2 years ago