secureworks / aristotle
☆38Updated 4 months ago
Alternatives and similar repositories for aristotle:
Users that are interested in aristotle are comparing it to the libraries listed below
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆68Updated last month
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆37Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK☆70Updated 4 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 4 years ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆34Updated 2 years ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Updated 4 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- CyCAT.org API back-end server including crawlers☆30Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆27Updated 11 months ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆66Updated 10 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- ☆34Updated 4 years ago
- The FASTEST way to consume threat intel.☆68Updated last year
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- ☆33Updated 3 years ago
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.☆40Updated 2 years ago
- ☆33Updated 4 years ago
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 4 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆51Updated 8 months ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 3 years ago
- Website crawler with YARA detection☆88Updated last year
- Zeek package for tracking long connections to report them before they have completed.☆30Updated last month
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago