weslambert / securityonion-strelkaView external linksLinks
☆13Oct 7, 2019Updated 6 years ago
Alternatives and similar repositories for securityonion-strelka
Users that are interested in securityonion-strelka are comparing it to the libraries listed below
Sorting:
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Zeek package to detect Zerologon☆11Nov 10, 2021Updated 4 years ago
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Apr 23, 2023Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Learn you a book for some infosec good☆62Dec 5, 2019Updated 6 years ago
- HTTP Protocol Stack CVE-2021-31166☆13Oct 17, 2024Updated last year
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Jun 15, 2021Updated 4 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- A running list of Windows sources and the related event ids.☆19Aug 2, 2023Updated 2 years ago
- Zeek support for Community ID flow hashing.☆37Jul 11, 2023Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Python emulator for Excel XLM macros.☆18May 25, 2020Updated 5 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Jan 9, 2022Updated 4 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Jul 23, 2015Updated 10 years ago
- Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards☆46May 30, 2024Updated last year
- Fast, inline geolocation decoration of IPv4 and IPv6 addresses written in Rust☆29Jan 21, 2024Updated 2 years ago
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- The gse-study repo was assembled to serve as a consolidated, and comprehensive, study solution for the SANS GSE exam.☆25Nov 11, 2018Updated 7 years ago
- ☆54Sep 6, 2020Updated 5 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- Home to the ActorTrackr source code☆24Jun 21, 2017Updated 8 years ago
- Various Modules & Scripts for use with Viper Framework☆27Aug 20, 2019Updated 6 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆79Updated this week
- File Scanning Framework☆295Sep 15, 2021Updated 4 years ago
- Threat Intelligence distribution☆31Dec 30, 2015Updated 10 years ago
- Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol☆30Apr 23, 2025Updated 9 months ago
- Zeek network security monitor plugin that enables parsing of the Profinet protocol☆30May 30, 2024Updated last year
- ☆36Jan 11, 2023Updated 3 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Oct 13, 2020Updated 5 years ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆298Feb 6, 2026Updated last week
- Generating YARA rules based on binary code☆220Oct 7, 2021Updated 4 years ago
- ☆35Oct 20, 2024Updated last year
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- ☆77Jun 25, 2019Updated 6 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Oct 22, 2025Updated 3 months ago
- An analytical framework for network traffic and behavioral analytics☆457Dec 7, 2022Updated 3 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- Getting started with OpenTelemetry☆16Nov 9, 2022Updated 3 years ago