sandflysecurity / sandfly-setupLinks
Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
☆81Updated 2 weeks ago
Alternatives and similar repositories for sandfly-setup
Users that are interested in sandfly-setup are comparing it to the libraries listed below
Sorting:
- Fast IOC and YARA Scanner☆80Updated 5 years ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆62Updated 2 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries☆49Updated 2 years ago
- CSI SIEM☆110Updated 2 years ago
- an awesome list of active defense resources☆123Updated 5 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated last month
- ☆80Updated 2 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆35Updated 3 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆110Updated 2 years ago
- ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)☆46Updated 4 years ago
- 🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)☆94Updated 3 years ago
- A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-…☆99Updated last year
- Run Velociraptor on Security Onion☆39Updated 3 years ago
- Passive OS detection based on SYN packets without Transmitting any Data☆47Updated 2 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆70Updated 2 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆65Updated last year
- Tool used to perform threat intelligence against packet data☆35Updated 6 months ago
- Accompanying documentation, images, source code and other stuff from the cybernomad.online blog☆28Updated 4 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆33Updated last year
- ☆25Updated last week
- Python command line tool used for generating GIAC Certification indexes.☆26Updated 2 years ago
- ☆55Updated this week
- Web interface for monitoring and interacting with Netflow data stored in Silk repositories.☆13Updated 6 years ago
- Wrap any binary into a cached webserver☆53Updated 3 years ago
- Incident Response Network Tools☆24Updated 4 years ago
- ☆68Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 6 months ago
- Log aggregation, analysis, alerting and correlation for Windows, Syslog and text based logs.☆23Updated 8 years ago