sealingtech / EDCOP-SURICATA

Related projects: ⓘ

• DCSO / fever
  fast, extensible, versatile event router for Suricata's EVE-JSON format
  ☆50Updated 2 months ago
• gdestuynder / audisp-json
  ☆42Updated 3 years ago
• Scribery / aushape
  A library and a tool for converting audit logs to XML and JSON
  ☆41Updated 6 years ago
• dnstap / dnstap.pb
  flexible, structured event replication format for DNS servers (Protocol Buffers schema)
  ☆24Updated 6 months ago
• JustinAzoff / can-i-use-afpacket-fanout
  Validate if afpacket PACKET_FANOUT_HASH is working properly
  ☆25Updated 2 years ago
• zeek / time-machine
  Time-Machine Dynamic Bulk Packet Recorder
  ☆35Updated 8 months ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated 4 months ago
• ncsa / dumbno
  No elephant flows - flow shunting for Arista switches using EOS API
  ☆27Updated 3 years ago
• sealingtech / EDCOP
  Expandable Defensive Cyber Operations Platform
  ☆43Updated last year
• auditNG / auditNG
  ☆11Updated 6 years ago
• eait-itig / flow-collector
  aggregate IP flow data for storage in a ClickHouse database
  ☆20Updated 5 months ago
• kung-foo / certgrep
  certgrep is a cross-platform command line tool that extracts SSL certificates from either a network interface or a local PCAP file.
  ☆17Updated 2 years ago
• gdestuynder / audisp-cef
  CEF plugin for audisp (Linux Audit)
  ☆23Updated 8 years ago
• xeraa / auditbeat-in-action
  Demo for Elastic's Auditbeat and SIEM
  ☆24Updated 3 years ago
• asch / lsdn
  LSDN: Linux Software Defined Network
  ☆25Updated 3 years ago
• hknutzen / Netspoc
  A network security policy compiler. Netspoc is targeted at environments with a large number of firewalls and admins. Firewall rules are d…
  ☆67Updated this week
• counterflow-ai-archive / dragonfly-mle
  ☆52Updated this week
• secynic / nfsinkhole
  nfsinkhole is a Python library and scripts for setting up a Linux server as a sinkhole (monitor, log/capture, and drop all traffic to a s…
  ☆12Updated 7 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆32Updated last year
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆33Updated 3 weeks ago
• irtimmer / bro-xdp_packet-plugin
  Plugin providing AF_XDP support for Bro.
  ☆14Updated 3 years ago
• rsyslog / liblognorm-rulebases
  rulebases for normalization with liblognorm
  ☆12Updated 8 years ago
• farsightsec / nmsg
  network message encapsulation library
  ☆30Updated this week
• noahdavids / packet-analysis
  things to assist in packet analysis
  ☆26Updated last year
• samuelesabella / ebpflow
  This repo aims to offer a packet flow tracer based on bpf
  ☆13Updated 4 years ago
• jasonish / suricata-rpms
  Suricata RPMs for CentOS/RHEL and Fedora
  ☆19Updated last week
• simple-evcorr / rulesets
  Simple Event Correlator ruleset repository
  ☆31Updated 2 years ago
• calmh / ipfixcat
  Convert an IPFIX stream to readable JSON
  ☆26Updated 7 years ago
• StamusNetworks / KTS5
  Kibana 5 Templates for Suricata IDPS
  ☆43Updated 6 years ago
• JustinAzoff / ssh-auth-logger
  A low/zero interaction ssh authentication logging honeypot
  ☆17Updated last month