stratosphereips / zeek_anomaly_detectorLinks
A completely automated anomaly detector Zeek network flows files (conn.log).
☆80Updated 10 months ago
Alternatives and similar repositories for zeek_anomaly_detector
Users that are interested in zeek_anomaly_detector are comparing it to the libraries listed below
Sorting:
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- zeek-scripts☆43Updated 6 years ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆123Updated last year
- Zeek Training Materials/Products☆37Updated 3 weeks ago
- ☆111Updated 5 years ago
- A collection of resources for security data☆41Updated 7 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- ICS Cybersecurity PCAP respository☆53Updated 6 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 9 months ago
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆166Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- DGA Domains detection☆66Updated 7 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated last year
- Download pcap files from http://www.malware-traffic-analysis.net/☆78Updated 7 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 2 years ago
- The Security Analyst’s Guide to Suricata☆56Updated last month
- ☆39Updated 2 months ago
- A tool to extract structured cyber information from incident reports.☆80Updated 6 years ago
- ☆51Updated 3 years ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Definition, description and relationship types of MISP objects☆99Updated 3 weeks ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- "Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyb…☆95Updated 11 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Graphics, icons, and diagrams to support STIX 2☆46Updated 4 years ago
- Structured Threat Intelligence Graph☆94Updated 2 months ago
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆56Updated 4 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆66Updated last year
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…☆41Updated last year
- ☆55Updated 6 years ago