sandflysecurity / sandfly-setupLinks
Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
☆79Updated last month
Alternatives and similar repositories for sandfly-setup
Users that are interested in sandfly-setup are comparing it to the libraries listed below
Sorting:
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Updated 2 years ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries☆49Updated 2 years ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆23Updated 8 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆44Updated last year
- Sharing Threat Hunting runbooks☆26Updated 6 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆35Updated 3 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆33Updated last year
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- Automatic detection engineering technical state compliance☆55Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Passive OS detection based on SYN packets without Transmitting any Data☆47Updated 2 years ago
- A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-…☆98Updated 11 months ago
- Tool used to perform threat intelligence against packet data☆35Updated 5 months ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆65Updated last year
- Fast IOC and YARA Scanner☆80Updated 5 years ago
- Curated list of awesome, open source data exfiltration tools☆58Updated 3 years ago
- Windows Security Logging☆43Updated 2 years ago
- Scapy packet fragment reassembly engines☆33Updated 4 years ago
- A basic Python program to check Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog☆19Updated 2 years ago
- ☆11Updated 4 years ago
- ☆64Updated 4 months ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆27Updated 4 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- CSI SIEM☆110Updated 2 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated 2 weeks ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ…☆53Updated 3 years ago
- SANS Slingshot Linux Distribution☆51Updated 4 years ago