tatsuiman / rpot2Links
Real-time Packet Observation Tool
☆39Updated 2 years ago
Alternatives and similar repositories for rpot2
Users that are interested in rpot2 are comparing it to the libraries listed below
Sorting:
- brostash: Linux distribution based on Debian and focusing on network security events collection☆34Updated 5 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Passive Network Audit Framework☆32Updated 7 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆87Updated 6 years ago
- DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text fil…☆78Updated last year
- Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...☆72Updated 6 years ago
- NTP logger/honeypot☆54Updated 11 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- scan-detection policies for bro☆16Updated 9 months ago
- Legal, procedural and policies document templates for operating an IRT☆64Updated last year
- Malware/IOC ingestion and processing engine☆107Updated 6 years ago
- A Docker container for Moloch based on minimal Debian☆13Updated 8 years ago
- OpenDNS Graph Miner☆45Updated 8 years ago
- Automatic firewall rule orchestator.☆83Updated 8 years ago
- Common Vulnerabilities and Exposures - Portal. Archived and now replaced by vulnerability-lookup.org☆87Updated 7 months ago
- Workbench: A scalable python framework for security research and development teams.☆92Updated 6 years ago
- SIAC is an enterprise SIEM built on open-source technology.☆116Updated 7 years ago
- Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.☆20Updated 7 years ago
- Bro scripts for the ROCK platform. http://rocknsm.io☆34Updated 2 years ago
- Ready to run scripts for network analysis☆88Updated 7 months ago
- Malware Classifier From Network Captures☆82Updated 8 years ago
- This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.☆49Updated 11 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Updated 6 years ago
- A framework for receiving and redistributing abuse feeds☆124Updated 6 years ago
- Dockerfiles for NSM tools☆84Updated 8 years ago
- A Docker container for Moloch based on minimal Debian☆26Updated 9 years ago
- Network Forensics Bro scripts & pcap samples☆63Updated 11 years ago
- ☆85Updated 12 years ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated last year
- Bro-IDS scripts☆50Updated 9 years ago