slacker007 / Bro-NetworkSecurityMonitoringLinks
collection of bro and bash scripts that when run from the same directory on Linux distro with bro installed, will pull information such as active HTTP conns, FTP conns, etc. It also carves various types of files at the same time. They can be run against snort logs or pcaps
☆12Updated 9 years ago
Alternatives and similar repositories for Bro-NetworkSecurityMonitoring
Users that are interested in Bro-NetworkSecurityMonitoring are comparing it to the libraries listed below
Sorting:
- Various Bro scripts☆97Updated 9 years ago
- Network Forensics Bro scripts & pcap samples☆63Updated 11 years ago
- Scripts for Bro IDS and ELK Stack☆57Updated 10 years ago
- Cyber Intel Management☆49Updated 7 years ago
- IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files.☆134Updated 9 years ago
- A collection of bro_scripts and signatures☆27Updated 6 years ago
- STIX Visualization Tool☆109Updated 7 years ago
- Bro scripts to be shared with the community☆111Updated 12 years ago
- ☆37Updated 11 years ago
- Hunting IOCs all day every day...☆86Updated last year
- a Malware/Threat Analyst Desktop☆89Updated 10 years ago
- A collection of Bro scripts I've written☆41Updated 10 years ago
- Bro stuff.☆12Updated 9 years ago
- Threat Intelligence distribution☆30Updated 9 years ago
- IOC Management and Visualization Tool☆47Updated 2 years ago
- Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc…☆82Updated 9 years ago
- ☆72Updated 3 years ago
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆153Updated 2 months ago
- Just another tool to extract Indicator of compromise (ioc) from files☆29Updated 9 years ago
- Credential Phish Analysis and Automation☆97Updated 7 years ago
- QRadio ~ Best Threat Intelligence Radio ~ Tune In!☆96Updated 9 years ago
- This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.☆48Updated 11 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆35Updated 9 years ago
- Python script to pull various IOCs from PDFs☆15Updated 10 years ago
- integrating bro into yara☆33Updated 10 years ago
- Collecting & Hunting for IOCs with gusto and style☆116Updated 7 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Updated 3 years ago
- Transforms for the AlienVault OTX service☆39Updated 8 years ago
- A modular Python application to pull intelligence about malicious files☆122Updated 4 years ago
- CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)☆41Updated 13 years ago