set-element / auditdBroFrameworkLinks
The Auditd Framework logs and applies security policy to linux auditd data
☆15Updated 7 years ago
Alternatives and similar repositories for auditdBroFramework
Users that are interested in auditdBroFramework are comparing it to the libraries listed below
Sorting:
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- An active domain name query tool to help keep track of domain name movements...☆15Updated 4 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 8 years ago
- Vagrant configuration to setup a Thug honeyclient VM☆20Updated 10 years ago
- API Tools☆27Updated 9 years ago
- Cli interface to threatcrowd.org☆19Updated 7 years ago
- API to access the Redis database of a BGP Ranking instance.☆17Updated 7 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 4 years ago
- A Docker container for Moloch based on minimal Debian☆26Updated 9 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆19Updated 8 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Updated 7 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- Crawl certificate information from censys☆8Updated 8 years ago
- Extract information from MISP via the API☆15Updated 8 years ago
- ☆14Updated last year
- scan-detection policies for bro☆16Updated 4 months ago
- Network Forensics Workshop Files☆17Updated 10 years ago
- integrating bro into yara☆33Updated 10 years ago
- A framework that correlates Bro events☆18Updated 11 years ago
- Debian and Red Hat packaging for SIE DNS sensor☆15Updated 2 years ago
- CRITs IOC Visualization in Maltego☆28Updated 10 years ago
- Detect malicious domain, Blablablablabla☆26Updated 8 years ago
- How can you track the hunting techniques you come up with?☆13Updated 7 years ago
- Detect Phishing with Bro IDS☆18Updated 8 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.☆21Updated 6 years ago
- Top DNS Measurement for Bro☆11Updated 4 years ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- Cuckoo Sandbox Local Maltego Transforms Project☆49Updated 10 years ago
- cuckoo-1.1 fork with suricata/moloch/clamav and other goodies☆23Updated 10 years ago