sans-blue-team / NSMView external linksLinks
This repository is created to add value to existing Network Security Monitoring solutions.
☆42Sep 20, 2016Updated 9 years ago
Alternatives and similar repositories for NSM
Users that are interested in NSM are comparing it to the libraries listed below
Sorting:
- Indices for courses in SANS' Network Security Operations curriculum☆17Feb 5, 2016Updated 10 years ago
- ☆11Jan 5, 2021Updated 5 years ago
- ☆56Jun 12, 2021Updated 4 years ago
- A collaborative CISSP notes card☆39Dec 20, 2015Updated 10 years ago
- ☆30Nov 15, 2018Updated 7 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆17Sep 30, 2016Updated 9 years ago
- ☆77Jun 25, 2019Updated 6 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆129Oct 24, 2022Updated 3 years ago
- Detect Phishing with Bro IDS☆18Feb 1, 2017Updated 9 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆69Aug 7, 2020Updated 5 years ago
- ☆11Oct 21, 2020Updated 5 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- ☆14Feb 8, 2020Updated 6 years ago
- This is a repository for freq.py and freq_server.py☆214Feb 1, 2026Updated last week
- ☆227Nov 9, 2023Updated 2 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆28Aug 6, 2025Updated 6 months ago
- Learn about a network from a pcap file or reading from an interface☆29Apr 6, 2024Updated last year
- ☆11Mar 12, 2021Updated 4 years ago
- Extensions for Zeek's Intelligence Framework.☆11Mar 1, 2022Updated 3 years ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…☆15Dec 24, 2023Updated 2 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Feb 20, 2024Updated last year
- ☆18Dec 6, 2022Updated 3 years ago
- A Powershell script for frequency analysis of separated values data files.☆17Jan 22, 2014Updated 12 years ago
- Alienvault OTX Bro IDS Connector☆78Sep 7, 2015Updated 10 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Jul 11, 2023Updated 2 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Aug 13, 2017Updated 8 years ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui…☆13Apr 22, 2015Updated 10 years ago
- SANS Blue Team Pages☆13Apr 8, 2017Updated 8 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Oct 12, 2020Updated 5 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Personal repository with handy cheatsheets.☆16Oct 23, 2016Updated 9 years ago
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆20Aug 3, 2024Updated last year
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- Library of python scripts to apply Data Science in several forensics artifacts☆31Jul 16, 2020Updated 5 years ago
- Network Forensics Bro scripts & pcap samples☆63Mar 11, 2014Updated 11 years ago
- ☆2,383Oct 14, 2023Updated 2 years ago