zeek-docs - Documentation for Zeek
Stars: ✭ 41 (+127.78%)
TheBriarPatch - An extremely crude, lightweight web frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (+16.67%)
Zeek - Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Stars: ✭ 4,180 (+23122.22%)
ivre - Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+14966.67%)
MegaDev - Bro IDS + ELK Stack to detect and block data exfiltration
Stars: ✭ 46 (+155.56%)
Zeek-Network-Security-Monitor - A Zeek Network Security Monitor tutorial that covers the basics of creating a Zeek instance on your network, all of the necessary hardware and setup, and finally some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (+111.11%)
Ivre - Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (+12850%)
firewall-controller - A Kubernetes controller running on bare-metal firewalls that creates nftables rules, configures Suricata and collects network metrics
Stars: ✭ 37 (+105.56%)
IPRadar2 - Real-time detection and defense against malicious network activity and policy violations (exploits, port scanners, advertising, telemetry, state surveillance, etc.)
Stars: ✭ 20 (+11.11%)
ML-IDS - An IDS implementation using machine learning
Stars: ✭ 30 (+66.67%)
awesome-bro - Useful resources for Zeek (https://zeek.org/), formerly Bro (http://bro.org/)
Stars: ✭ 31 (+72.22%)
eewids - Easily Expandable Wireless Intrusion Detection System
Stars: ✭ 25 (+38.89%)
Graypy - Python logging handler for Graylog that sends messages in GELF (Graylog Extended Log Format).
Stars: ✭ 211 (+1072.22%)
S1EM - This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+1400%)
Logrus mate - Tool for logrus that makes it easy to use
Stars: ✭ 148 (+722.22%)
TNSR IDS - IDS using a port mirror, Snort and an alert -> RESTCONF utility
Stars: ✭ 30 (+66.67%)
Quicklogger - Library for logging to files, console, memory, email, REST, eventlog, syslog, Slack, Telegram, Redis, Logstash, Elasticsearch, InfluxDB, Graylog, Sentry, Twilio and IDE debug messages, and for throwing events, for Delphi/Firemonkey/FreePascal/.NET (Windows/Linux/OSX/iOS/Android).
Stars: ✭ 137 (+661.11%)
Fragscapy - Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.
Stars: ✭ 52 (+188.89%)
Scanr - Detect x86 shellcode in files and traffic.
Stars: ✭ 16 (-11.11%)
bonfire - A CLI Graylog client with follow mode
Stars: ✭ 72 (+300%)
Graylog Plugin Threatintel - Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Stars: ✭ 132 (+633.33%)
UTMFW - UTM Firewall on OpenBSD
Stars: ✭ 104 (+477.78%)
graylog-plugin-aws - Several bundled Graylog plugins to integrate with different AWS services like CloudTrail and FlowLogs.
Stars: ✭ 88 (+388.89%)
prickly-pete - A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER: may not be fun, not to be taken internally, aim away from face)
Stars: ✭ 29 (+61.11%)
Icinga Vagrant - Vagrant boxes for Icinga 2, Icinga Web 2, modules, themes and integrations (Graphite, InfluxDB, Elastic, Graylog, etc.)
Stars: ✭ 248 (+1277.78%)
flow-indexer - Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
Stars: ✭ 43 (+138.89%)
ansible-zeek - Set up Zeek, previously Bro IDS
Stars: ✭ 14 (-22.22%)
mole - Yara-powered NIDS with high-speed packet capture powered by PF_RING
Stars: ✭ 51 (+183.33%)
Logback Gelf - Logback appender for sending GELF messages with zero additional dependencies.
Stars: ✭ 146 (+711.11%)
zeek-plugin-s7comm - Zeek network security monitor plugin that enables parsing of the S7 protocol
Stars: ✭ 31 (+72.22%)
ProbeManager - Centralized management of intrusion detection systems like Suricata, Bro, Ossec ...
Stars: ✭ 73 (+305.56%)
shortid - Super short, fully unique, non-sequential and URL-friendly IDs
Stars: ✭ 20 (+11.11%)
Icinga2 - Icinga is a monitoring system which checks the availability of your network resources, notifies users of outages, and generates performance data for reporting.
Stars: ✭ 1,670 (+9177.78%)
Pygelf - Python logging handlers with GELF (Graylog Extended Log Format) support
Stars: ✭ 56 (+211.11%)
Office365 Audit Log Collector - Collector script for retrieving audit logs from the Office 365 API with file or network/Graylog output.
Stars: ✭ 39 (+116.67%)
hashids.pm - Hashids, ported to Perl
Stars: ✭ 15 (-16.67%)
go-graylog - Graylog API client for Go and Terraform provider for Graylog
Stars: ✭ 45 (+150%)