secureworks / daltonLinks
Suricata, Snort and Zeek IDS rule and pcap testing system
☆480Updated last month
Alternatives and similar repositories for dalton
Users that are interested in dalton are comparing it to the libraries listed below
Sorting:
- Scirius is a web application for Suricata ruleset management and threat hunting.☆654Updated last week
- a network packet capture compiler☆200Updated 3 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆547Updated 2 years ago
- The tool for updating your Suricata rules.☆274Updated 2 weeks ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆282Updated last year
- Suricata rules for network anomaly detection☆164Updated 2 months ago
- Tool to extract indicators of compromise from security reports in PDF format☆436Updated 2 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆439Updated last year
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆467Updated 6 years ago
- ☆172Updated 3 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆796Updated 2 years ago
- PCAP Samples for Different Post Exploitation Techniques☆363Updated 4 years ago
- ☆1,074Updated 6 years ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆459Updated 2 weeks ago
- Suricata IDS/IPS log analytics using the Elastic Stack.☆239Updated 3 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆594Updated last year
- Super Next generation Advanced Reactive honEypot☆464Updated last year
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago
- ☆306Updated 8 years ago
- Elemental - An ATT&CK Threat Library☆317Updated 2 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- Python library using the MISP Rest API☆468Updated last week
- DPS' Lightweight Investigation Notebook☆432Updated last year
- Security event correlation engine for ELK stack☆440Updated last year
- Extract and aggregate threat intelligence.☆868Updated last year
- Suspicious DGA from PDNS and Sandbox.☆185Updated 2 years ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆351Updated 3 years ago
- Utilities for MITRE™ ATT&CK☆1,032Updated last year
- An analytical framework for network traffic and behavioral analytics☆452Updated 2 years ago
- Defanged Indicator of Compromise (IOC) Extractor.☆535Updated 9 months ago