sshahriyar / totalads

Related projects: ⓘ

• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆18Updated 8 years ago
• cameling / logminer
  Mine patterns from logs
  ☆27Updated 7 years ago
• morrigan / user-behavior-anomaly-detector
  User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.
  ☆33Updated 7 years ago
• pauloangelo / hogzilla
  Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…
  ☆28Updated 6 years ago
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 6 years ago
• jayjacobs / dga
  Classifier to separate legitimate domains from those generated by a domain generating algorithm (DGA).
  ☆42Updated 7 years ago
• farsightsec / sie-dns-sensor
  Debian and Red Hat packaging for SIE DNS sensor
  ☆14Updated last year
• g-clef / KafkaLogger
  Logging plugin to bro to send logs to a Kafka broker
  ☆20Updated 6 years ago
• OpenSOC / opensoc-vagrant
  Vagrantfile and scripts for building a disposable OpenSOC Cluster
  ☆29Updated 7 years ago
• jasonish / docker-suricata-elk
  [ABANDONED] A Docker container running Suricata and the ELK stack.
  ☆22Updated 8 years ago
• stucco / data
  Collection of data sources that can be used to provide context to security events
  ☆23Updated 9 years ago
• ssallys / p3
  An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.
  ☆43Updated 11 years ago
• coolacid / GettingStartedWithELK
  Getting Started with ELK
  ☆50Updated 8 years ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated 4 months ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 6 years ago
• keeganhines / snowman
  ☆12Updated 7 years ago
• fideliscyber / data_mining
  ☆34Updated this week
• carolynduby / ApacheMetronWorkshop
  Apache Metron Workshop Lab materials and instructions.
  ☆35Updated 4 years ago
• eraclitux / machine-learning-netflow
  Ipython notebook that illustrates effectiveness of machine learning algorithms in anomaly detection of netflow data (inbound/outbound DDo…
  ☆78Updated 7 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 7 years ago
• kx499-zz / ostip
  ☆28Updated 7 years ago
• OpenSOC / opensoc-ui
  User interface for OpenSOC
  ☆100Updated 9 years ago
• zeek / time-machine
  Time-Machine Dynamic Bulk Packet Recorder
  ☆35Updated 8 months ago
• Open-Network-Insight / oni-demo
  Download a demo version of Open Network Insight, which can be run standalone on a windows laptop using Winpython https://sourceforge.net/…
  ☆9Updated 7 years ago
• splunk / gephi-splunk-project
  ☆13Updated this week
• TAXIIProject / java-taxii
  A Java library for handling TAXII Messages and invoking TAXII Services.
  ☆19Updated 5 years ago
• corelight / log-add-http-post-bodies
  Add POST body excerpt to Bro's HTTP log
  ☆14Updated 4 months ago
• xme / fpc
  Full Packet Capture for the Masses
  ☆15Updated 6 years ago
• taterhead / PCAP-Index
  Set of scripts to index PCAP files and retrieve packets
  ☆14Updated 9 years ago
• Blueliv / elk-config-examples
  Example Configuration for ELK stack with Blueliv Plugin
  ☆10Updated last year