sysflow-telemetry / sf-apis

Related projects ⓘ

Alternatives and complementary repositories for sf-apis

• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆15Updated last week
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆68Updated 4 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 4 years ago
• oasis-open / cti-documentation
  OASIS TC Open Repository: GitHub Pages site for STIX and TAXII
  ☆94Updated 3 weeks ago
• sysflow-telemetry / sysflow
  SysFlow documentation and issues tracker
  ☆45Updated last month
• OTRF / detection-hackathon-apt29
  Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
  ☆132Updated 4 years ago
• endgameinc / eqllib
  ☆158Updated 3 years ago
• fireeye / OpenIOC_1.1
  ☆127Updated 3 years ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆258Updated last year
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆98Updated 3 years ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆89Updated 5 years ago
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆41Updated 5 years ago
• ExabeamLabs / Content-Doc
  ☆125Updated last year
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆164Updated this week
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆60Updated 11 months ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago
• oasis-open / cti-stix-common-objects
  OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…
  ☆86Updated this week
• baronpan / SysmonHunter
  An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
  ☆202Updated 2 years ago
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆49Updated 7 months ago
• mitre / stockpile
  A CALDERA plugin
  ☆72Updated 3 weeks ago
• bfuzzy1 / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆90Updated last year
• apache / metron-bro-plugin-kafka
  Apache Metron
  ☆59Updated 4 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆64Updated last week
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆171Updated 2 months ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 2 years ago
• TravisFSmith / mitre_attack
  ☆78Updated 4 years ago
• demisto / COPS
  Collaborative Open Playbook Standard
  ☆150Updated last year
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆144Updated 8 months ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆95Updated 4 years ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆102Updated 2 weeks ago