set-element / auditdBroFrameworkLinks
The Auditd Framework logs and applies security policy to linux auditd data
☆15Updated 7 years ago
Alternatives and similar repositories for auditdBroFramework
Users that are interested in auditdBroFramework are comparing it to the libraries listed below
Sorting:
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Detect Phishing with Bro IDS☆18Updated 8 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 9 months ago
- module for osquery to load Bro logs into tables☆28Updated 10 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆42Updated 5 years ago
- Home to the ActorTrackr source code☆24Updated 8 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆44Updated 9 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch☆61Updated 8 years ago
- integrating bro into yara☆33Updated 10 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- Passive Network Audit Framework☆32Updated 7 years ago
- ☆85Updated 11 years ago
- Cli interface to threatcrowd.org☆19Updated 8 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆34Updated 4 years ago
- SANS Hunting on the Cheap☆35Updated 9 years ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.☆20Updated 6 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆19Updated 8 years ago
- Bro Intel Feed Linter☆26Updated 5 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago
- This repository is a curated list of pro bono incident response entities.☆20Updated 2 years ago
- Ansible playbook to install Malware Information Sharing Platform (MISP)☆17Updated 10 years ago
- An ICAP Server with yara scanner for URL and content.☆59Updated 7 months ago
- Deploy MISP Project software with Vagrant.☆43Updated 5 years ago
- Bro-IDS scripts☆50Updated 8 years ago
- Metadata Inspection Database Alerting System☆42Updated 12 years ago
- YETI is a TAXII implementation☆46Updated 6 years ago
- **BETA** A simple buildscript for network security monitoring on RHEL/CentOS☆31Updated 8 years ago
- Security Onion Elastic Stack☆46Updated 4 years ago