Zeek-Network-Security-Monitor: A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (+72.73%)
zeek-docs: Documentation for Zeek
Stars: ✭ 41 (+86.36%)
pcapdj: pcapdj - dispatch pcap files
Stars: ✭ 41 (+86.36%)
S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+1127.27%)
Zeek: Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Stars: ✭ 4,180 (+18900%)
NetworkAlarm: A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-22.73%)
MegaDev: Bro IDS + ELK Stack to detect and block data exfiltration
Stars: ✭ 46 (+109.09%)
ipdecap: Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works with pcap files.
Stars: ✭ 32 (+45.45%)
packiffer: lightweight cross-platform networking toolkit
Stars: ✭ 52 (+136.36%)
Pypacker: 📦 The fastest and simplest packet manipulation lib for Python
Stars: ✭ 216 (+881.82%)
ansible: Ansible playbook automation for pfelk
Stars: ✭ 23 (+4.55%)
Werk: High-throughput / low-latency C++ application framework
Stars: ✭ 30 (+36.36%)
zeek-plugin-s7comm: Zeek network security monitor plugin that enables parsing of the S7 protocol
Stars: ✭ 31 (+40.91%)
graylog-zeek-content-pack: BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Stars: ✭ 18 (-18.18%)
captcp: An open source program for TCP analysis of PCAP files
Stars: ✭ 110 (+400%)
balboa: server for indexing and querying passive DNS observations
Stars: ✭ 42 (+90.91%)
Pcapviz: Visualize network topologies and collect graph statistics based on pcap files
Stars: ✭ 247 (+1022.73%)
Genet: Graphical network analyzer powered by web technologies
Stars: ✭ 195 (+786.36%)
testmynids.org: A website and framework for testing NIDS detection
Stars: ✭ 55 (+150%)
Joincap: Merge multiple pcap files together, gracefully.
Stars: ✭ 159 (+622.73%)
flow-indexer: Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
Stars: ✭ 43 (+95.45%)
capture-dns: A simple program to capture and show DNS queries
Stars: ✭ 33 (+50%)
Udpreplay: Replay UDP packets from a pcap file
Stars: ✭ 135 (+513.64%)
dsc: DNS Statistics Collector
Stars: ✭ 94 (+327.27%)
packet cafe: A platform built for easy-to-use automated network traffic analysis
Stars: ✭ 40 (+81.82%)
dns-collector: Aggregator, analyzer, transporter and logging for your DNS logs
Stars: ✭ 58 (+163.64%)
altprobe: collector for XDR and security posture service
Stars: ✭ 62 (+181.82%)
S2AN: S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (+218.18%)
connect: tiny cross-platform socket API library
Stars: ✭ 46 (+109.09%)
zeek2es: A Python application to filter and transfer Zeek logs to Elastic/OpenSearch. This app can also output pure JSON logs to stdout for further processing!
Stars: ✭ 16 (-27.27%)
pcap-file: Crate to read and write pcap and pcapng files in RUST.
Stars: ✭ 25 (+13.64%)
Tcpdump: the TCPdump network dissector
Stars: ✭ 1,731 (+7768.18%)
Captagent: 100% Open-Source Packet Capture Agent for HEP
Stars: ✭ 116 (+427.27%)
mitmpcap: export mitmproxy traffic to PCAP file
Stars: ✭ 42 (+90.91%)
fever: fast, extensible, versatile event router for Suricata's EVE-JSON format
Stars: ✭ 47 (+113.64%)
termshark: A terminal UI for tshark, inspired by Wireshark
Stars: ✭ 7,368 (+33390.91%)
Dnscap: Network capture utility designed specifically for DNS traffic
Stars: ✭ 234 (+963.64%)
vagrant-ids: An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
Stars: ✭ 21 (-4.55%)
Cuishark: A protocol analyzer like a wireshark on CUI. cuishark is using libwireshark to analyze packets. https://cuishark.slankdev.net
Stars: ✭ 208 (+845.45%)
Red-Rabbit-V4: The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit, unlike most frameworks out there, does not automate other people's tools like the aircrack suite or the wifite framework; it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow.
Stars: ✭ 123 (+459.09%)
Winshark: A wireshark plugin to instrument ETW
Stars: ✭ 191 (+768.18%)
Skydive: An open source real-time network topology and protocols analyzer
Stars: ✭ 2,086 (+9381.82%)
wiresham: Simple TCP service mocking tool for replaying https://www.wireshark.org and http://www.tcpdump.org captured service traffic
Stars: ✭ 44 (+100%)
Passer: Passive service locator, a python sniffer that identifies servers, clients, names and much more
Stars: ✭ 144 (+554.55%)
go-netflow: go netflow, capture process in/out traffic, similar to c Nethogs.
Stars: ✭ 145 (+559.09%)
Libpcap: the LIBpcap interface to various kernel packet capture mechanisms
Stars: ✭ 1,785 (+8013.64%)
DPDK SURICATA-4 1 1: dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter
Stars: ✭ 81 (+268.18%)
Libtins: High-level, multiplatform C++ network packet sniffing and crafting library.
Stars: ✭ 1,609 (+7213.64%)
TheBriarPatch: An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (-4.55%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (+390.91%)
ivre: Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+12227.27%)
pci: Packet communication investigator
Stars: ✭ 82 (+272.73%)
webshark: 🦈 Tool for visualizing packet captures.
Stars: ✭ 41 (+86.36%)
tcpslice: tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.
Stars: ✭ 48 (+118.18%)