sshahriyar / totalads

Related projects ⓘ

Alternatives and complementary repositories for totalads

• cameling / logminer
  Mine patterns from logs
  ☆27Updated 7 years ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆19Updated 8 years ago
• ktneely / ir-scripts
  Random scripts for log mining, intel gathering, network querying, and other incident response-ish activities
  ☆16Updated 2 years ago
• morrigan / user-behavior-anomaly-detector
  User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.
  ☆33Updated 7 years ago
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 6 years ago
• query-ai / queryai-kibana-plugin
  Query.AI plugin for Kibana
  ☆13Updated 5 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 6 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• Open-Network-Insight / oni-demo
  Download a demo version of Open Network Insight, which can be run standalone on a windows laptop using Winpython https://sourceforge.net/…
  ☆9Updated 7 years ago
• farsightsec / sie-dns-sensor
  Debian and Red Hat packaging for SIE DNS sensor
  ☆15Updated last year
• automayt / FlowPlotter
  Generates visualizations from the output of flow tools such as SiLK.
  ☆35Updated 7 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated last year
• jayjacobs / dga
  Classifier to separate legitimate domains from those generated by a domain generating algorithm (DGA).
  ☆42Updated 8 years ago
• Intevation / intelmq-mailgen
  IntelMQ command line tool to process events and send out email notifications.
  ☆9Updated 2 months ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆11Updated 4 years ago
• coolacid / GettingStartedWithELK
  Getting Started with ELK
  ☆50Updated 8 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆24Updated 7 years ago
• chrislee35 / yaratool
  Python libary to normalize Yara signatures
  ☆19Updated 4 years ago
• pauloangelo / hogzilla
  Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…
  ☆28Updated 6 years ago
• mixmodeai / bro_intel_linter
  Bro Intel Feed Linter
  ☆26Updated 5 years ago
• MISP / misp-graph
  A tool to convert MISP XML files (events and attributes) into graphs
  ☆20Updated 7 years ago
• CybOXProject / schemas
  CybOX Schemas and Schema Development
  ☆42Updated 7 years ago
• sethhall / domain-tld
  Zeek script library for getting the effective TLD of a domain.
  ☆13Updated 7 months ago
• jasonish / docker-suricata-elk
  [ABANDONED] A Docker container running Suricata and the ELK stack.
  ☆22Updated 8 years ago
• stucco / data
  Collection of data sources that can be used to provide context to security events
  ☆25Updated 9 years ago
• egaus / wayfinder
  ☆9Updated 6 years ago
• DCSO / slinkwatch
  automatic enumeration and maintenance of Suricata monitoring interfaces
  ☆11Updated 4 years ago
• vz-risk / Verum
  Implementation of Context-Graph algorithms for graph enrichment and querying.
  ☆24Updated 9 years ago