stratosphereips / zeek_anomaly_detectorLinks
A completely automated anomaly detector Zeek network flows files (conn.log).
☆82Updated 5 months ago
Alternatives and similar repositories for zeek_anomaly_detector
Users that are interested in zeek_anomaly_detector are comparing it to the libraries listed below
Sorting:
- Mapping NSM rules to MITRE ATT&CK☆73Updated 5 years ago
- A collection of resources for security data☆41Updated 8 years ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆128Updated 2 years ago
- ☆54Updated 2 years ago
- zeek-scripts☆45Updated 7 years ago
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆179Updated 2 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated 2 years ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆33Updated last year
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Updated 5 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 3 years ago
- A tool to extract structured cyber information from incident reports.☆82Updated 7 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆451Updated 2 years ago
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆20Updated 7 years ago
- Download pcap files from http://www.malware-traffic-analysis.net/☆81Updated 8 years ago
- Structured Threat Intelligence Graph☆98Updated last month
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 4 years ago
- Zeek Training Materials/Products☆41Updated last month
- ☆132Updated 5 years ago
- ☆22Updated 3 years ago
- Zeek support for Community ID flow hashing.☆37Updated 2 years ago
- Zeek IDS Dockerfile☆101Updated 3 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆172Updated 2 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆70Updated 3 months ago
- Definition, description and relationship types of MISP objects☆105Updated 2 weeks ago
- A curated list of resources related to Industrial Control System (ICS) security.☆21Updated 4 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆102Updated 2 months ago
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships☆161Updated 2 weeks ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆162Updated 10 months ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆98Updated 8 months ago
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards☆46Updated last year