stratosphereips / zeek_anomaly_detectorLinks
A completely automated anomaly detector Zeek network flows files (conn.log).
☆83Updated 11 months ago
Alternatives and similar repositories for zeek_anomaly_detector
Users that are interested in zeek_anomaly_detector are comparing it to the libraries listed below
Sorting:
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- A collection of resources for security data☆41Updated 7 years ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆124Updated last year
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆167Updated last year
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- Zeek Training Materials/Products☆39Updated 2 months ago
- zeek-scripts☆44Updated 6 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆171Updated 2 years ago
- Definition, description and relationship types of MISP objects☆99Updated this week
- ☆49Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆33Updated 7 months ago
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated last year
- Zeek IDS Dockerfile☆101Updated 2 years ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆155Updated 4 months ago
- Structured Threat Intelligence Graph☆95Updated 4 months ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆439Updated last year
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆122Updated 4 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆113Updated 6 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆139Updated 4 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python☆130Updated last year
- Tools to interact with APTnotes reporting/index.☆103Updated 4 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆96Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 3 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆93Updated last month
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- Download pcap files from http://www.malware-traffic-analysis.net/☆79Updated 7 years ago