ZeekZeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Stars: ✭ 4,180 (+13383.87%)
Mutual labels: bro, nsm
zeek-docsDocumentation for Zeek
Stars: ✭ 41 (+32.26%)
Mutual labels: bro, nsm
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (+7419.35%)
Mutual labels: bro
Zeek-Network-Security-MonitorA Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (+22.58%)
Mutual labels: bro
status-listA list of your various social statii.
Stars: ✭ 35 (+12.9%)
Mutual labels: bro
graylog-zeek-content-packBRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Stars: ✭ 18 (-41.94%)
Mutual labels: bro
flow-indexerFlow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
Stars: ✭ 43 (+38.71%)
Mutual labels: bro
TheBriarPatchAn extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (-32.26%)
Mutual labels: bro
ivreNetwork recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+8648.39%)
Mutual labels: bro
MegaDevBro IDS + ELK Stack to detect and block data exfiltration
Stars: ✭ 46 (+48.39%)
Mutual labels: bro
SuricataSuricata git repository maintained by the OISF
Stars: ✭ 2,274 (+7235.48%)
Mutual labels: nsm
ArkimeArkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Stars: ✭ 4,994 (+16009.68%)
Mutual labels: nsm
Security OnionSecurity Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Stars: ✭ 2,956 (+9435.48%)
Mutual labels: nsm
nsm-attackMapping NSM rules to MITRE ATT&CK
Stars: ✭ 53 (+70.97%)
Mutual labels: nsm
docker-suricataA Suricata Docker image.
Stars: ✭ 120 (+287.1%)
Mutual labels: nsm
examplesNetwork Service Mesh examples repo
Stars: ✭ 14 (-54.84%)
Mutual labels: nsm
ELK-HuntingThreat Hunting with ELK Workshop (InfoSecWorld 2017)
Stars: ✭ 58 (+87.1%)
Mutual labels: nsm