☆13Oct 7, 2019Updated 6 years ago
Alternatives and similar repositories for securityonion-strelka
Users that are interested in securityonion-strelka are comparing it to the libraries listed below
Sorting:
- Zeek package to detect Zerologon☆11Nov 10, 2021Updated 4 years ago
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Apr 23, 2023Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Learn you a book for some infosec good☆62Dec 5, 2019Updated 6 years ago
- HTTP Protocol Stack CVE-2021-31166☆13Oct 17, 2024Updated last year
- ☆37Dec 17, 2020Updated 5 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Jun 15, 2021Updated 4 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- A running list of Windows sources and the related event ids.☆19Aug 2, 2023Updated 2 years ago
- Zeek support for Community ID flow hashing.☆36Jul 11, 2023Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Python emulator for Excel XLM macros.☆18May 25, 2020Updated 5 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Jan 9, 2022Updated 4 years ago
- Volatility 3 Plugins☆21Oct 3, 2022Updated 3 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Jul 23, 2015Updated 10 years ago
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards☆46May 30, 2024Updated last year
- Fast, inline geolocation decoration of IPv4 and IPv6 addresses written in Rust☆29Updated this week
- The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.☆25Nov 11, 2018Updated 7 years ago
- Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol☆25May 30, 2024Updated last year
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- ☆54Sep 6, 2020Updated 5 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- Home to the ActorTrackr source code☆24Jun 21, 2017Updated 8 years ago
- Various Modules & Scripts for use with Viper Framework☆27Aug 20, 2019Updated 6 years ago
- WaitList.dat Parser☆26Oct 12, 2018Updated 7 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- This script is used to generate some basic detections of the aws security services☆72Feb 21, 2022Updated 4 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆79Feb 9, 2026Updated 3 weeks ago
- Recipes for GCHQ's CyberChef Web App☆39Nov 15, 2018Updated 7 years ago
- File Scanning Framework☆294Sep 15, 2021Updated 4 years ago
- Threat Intelligence distribution☆31Dec 30, 2015Updated 10 years ago
- Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol☆30Apr 23, 2025Updated 10 months ago
- ☆36Jan 11, 2023Updated 3 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Oct 13, 2020Updated 5 years ago
- An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal☆205Apr 18, 2022Updated 3 years ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆299Feb 9, 2026Updated 3 weeks ago
- Zeek network security monitor plugin that enables parsing of the Profinet protocol☆31May 30, 2024Updated last year
- Generating YARA rules based on binary code☆220Oct 7, 2021Updated 4 years ago