thongsia / Public-Pcaps
☆39Updated 5 years ago
Related projects: ⓘ
- ☆43Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆32Updated 2 years ago
- The Security Analyst’s Guide to Suricata☆49Updated 3 months ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆61Updated last year
- ☆35Updated 8 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆59Updated 9 months ago
- Sample files for Control Things Platform☆36Updated 5 months ago
- Mapping NSM rules to MITRE ATT&CK☆68Updated 4 years ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆33Updated last month
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆63Updated 4 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆142Updated 6 months ago
- Packet captures of malicious traffic for analysis using Wireshark☆53Updated last year
- A CALDERA plugin☆33Updated last month
- ☆63Updated last month
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆18Updated 6 months ago
- ☆34Updated 3 years ago
- The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo…☆71Updated this week
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.☆30Updated last month
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆60Updated 4 months ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆93Updated 3 years ago
- This is the ICSSIM source code and user manual for simulating industrial control system testbed for cybersecurity experiments☆60Updated 3 months ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆121Updated 4 months ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- Automated detection rule analysis utility☆29Updated last year
- Zeek Training Materials/Products☆34Updated 10 months ago
- ☆43Updated last year
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago