set-element / auditdBroFramework
The Auditd Framework logs and applies security policy to Linux auditd data
☆15 Updated 7 years ago
Alternatives and similar repositories for auditdBroFramework:
Users that are interested in auditdBroFramework are comparing it to the libraries listed below
- IDS Utility Belt For Automating/Testing Various Things ☆30 Updated 4 years ago
- Ansible playbook to install Malware Information Sharing Platform (MISP) ☆17 Updated 10 years ago
- Honeypot log processor to create OTX Pulse entries ☆28 Updated last year
- A Docker container for Moloch based on minimal Debian ☆26 Updated 9 years ago
- Connectors for the Zeek NetControl framework ☆19 Updated last month
- FastIR Agent is a Windows service to execute FastIR Collector on demand ☆14 Updated 7 years ago
- My personal experience in Threat Hunting and knowledge gained so far. ☆19 Updated 7 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidence on a suspicious Windows computer ☆42 Updated 4 years ago
- Various Bro scripts ☆38 Updated 10 years ago
- Scan-detection policies for Bro ☆16 Updated 2 months ago
- Vagrant configuration to set up a Thug honeyclient VM ☆20 Updated 10 years ago
- Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files ☆44 Updated 10 months ago
- Detect Phishing with Bro IDS ☆18 Updated 8 years ago
- Passive DNS V2 ☆61 Updated 11 years ago
- CLI interface to threatcrowd.org ☆19 Updated 7 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source ☆20 Updated 8 years ago
- Metadata Inspection Database Alerting System ☆42 Updated 11 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools. ☆21 Updated 6 years ago
- This is a copy of the Registry Decoder Live repository from Google Code ☆9 Updated 9 years ago
- Top DNS Measurement for Bro ☆11 Updated 4 years ago
- An ICAP Server with yara scanner for URL and content. ☆59 Updated 3 months ago
- Detect malicious domain, Blablablablabla ☆26 Updated 8 years ago
- A framework that correlates Bro events ☆18 Updated 11 years ago
- Transfer Kippo data to ElasticSearch ☆18 Updated 9 years ago
- Crawl certificate information from Censys ☆8 Updated 8 years ago
- Traceroute improved wrapper for CSIRT and CERT operators ☆37 Updated 5 months ago
- Help summarize a PCAP file ☆33 Updated 13 years ago
- cuckoo-1.1 fork with suricata/moloch/clamav and other goodies ☆23 Updated 10 years ago