sandflysecurity / sandfly-setup
Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
☆70 · Updated this week
Alternatives and similar repositories for sandfly-setup:
Users that are interested in sandfly-setup are comparing it to the libraries listed below
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the… (☆61, updated 2 years ago)
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries (☆47, updated 2 years ago)
- Cyber Analytics Platform and Examination System (CAPES) Project Page (☆14, updated 2 years ago)
- Incident Response Network Tools (☆24, updated 3 years ago)
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources. (☆34, updated 2 years ago)
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. (☆32, updated last month)
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… (☆35, updated 2 years ago)
- An experimental Velociraptor implementation using cloud infrastructure (☆23, updated this week)
- Passive OS detection based on SYN packets without Transmitting any Data (☆45, updated last year)
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest… (☆18, updated 2 years ago)
- Defence Against the Dark Arts (☆34, updated 5 years ago)
- Sharing Threat Hunting runbooks (☆24, updated 5 years ago)
- Windows Security Logging (☆43, updated 2 years ago)
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents (☆38, updated 8 months ago)
- A MITRE ATT&CK Lookup Tool (☆45, updated 8 months ago)
- CSIRT Jump Bag (☆27, updated 8 months ago)
- On demand query API for https://github.com/davidonzo/Threat-Intel project. (☆53, updated 7 months ago)
- Accompanying documentation, images, source code and other stuff from the cybernomad.online blog (☆26, updated 4 years ago)
- Very basic CLI SIEM (Security Information and Event Management system). (☆36, updated 6 years ago)
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. (☆32, updated 5 years ago)
- Pure Honeypots with an automated bash script (☆19, updated 3 years ago)
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP) (☆45, updated 3 years ago)
- Quick lookup files for SUNBURST Backdoor (☆12, updated 4 years ago)
- Threat intelligence and threat detection indicators (IOC, IOA) (☆53, updated 4 years ago)
- Distributed nmap. (☆12, updated last year)
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs. (☆24, updated 8 years ago)
- Automatically exported from code.google.com/p/nipper-ng (☆68, updated 2 years ago)
- (no description) (☆15, updated last year)
- A collection of scripts for the purpose of gathering open source intelligence, to be presented at GrayHat, BSides Denver, and Information… (☆25, updated 3 years ago)