zeek-docs: Documentation for Zeek
Stars: ✭ 41 (-99.02%)
Zeek-Network-Security-Monitor: A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Stars: ✭ 38 (-99.09%)
Arkime: Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Stars: ✭ 4,994 (+19.47%)
ivre: Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (-35.12%)
Ivre: Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (-44.23%)
Nfstream: NFStream, a Flexible Network Data Analysis Framework.
Stars: ✭ 622 (-85.12%)
NetworkAlarm: A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-99.59%)
Poseidon: Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
Stars: ✭ 310 (-92.58%)
Malcom: Malcom - Malware Communications Analyzer
Stars: ✭ 988 (-76.36%)
Passer: Passive service locator, a python sniffer that identifies servers, clients, names and much more
Stars: ✭ 144 (-96.56%)
Security Onion: Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Stars: ✭ 2,956 (-29.28%)
brimcap: Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Stars: ✭ 22 (-99.47%)
MegaDev: Bro IDS + ELK Stack to detect and block data exfiltration
Stars: ✭ 46 (-98.9%)
awesome-bro: Useful resources for Zeek (https://zeek.org/) (Bro (http://bro.org/))
Stars: ✭ 31 (-99.26%)
Packages: The default package source of the Zeek Package Manager
Stars: ✭ 94 (-97.75%)
Suricata: Suricata git repository maintained by the OISF
Stars: ✭ 2,274 (-45.6%)
flow-indexer: Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
Stars: ✭ 43 (-98.97%)
graylog-zeek-content-pack: BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Stars: ✭ 18 (-99.57%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-99.07%)
Netfox: A lightweight, one line setup, iOS / OSX network debugging library! 🦊
Stars: ✭ 3,188 (-23.73%)
zeek-plugin-tds: Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol
Stars: ✭ 19 (-99.55%)
VanillaWindowsReference: A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update.
Stars: ✭ 24 (-99.43%)
Langhost: 👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-92.25%)
Tcpterm: tcpterm is a packet visualizer in TUI.
Stars: ✭ 288 (-93.11%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-99.69%)
Hack-Utils: Script to facilitate different functions and checks
Stars: ✭ 27 (-99.35%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (-92.82%)
ocaml-pcap: OCaml code for generating and analysing pcap (packet capture) files
Stars: ✭ 20 (-99.52%)
Mac apt: macOS Artifact Parsing Tool
Stars: ✭ 329 (-92.13%)
pycommunityid: A Python implementation of the Community ID flow hashing standard
Stars: ✭ 18 (-99.57%)
Netdisco: A web-based network management tool.
Stars: ✭ 291 (-93.04%)
Swap digger: swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
Stars: ✭ 354 (-91.53%)
Gander: Gander is a simple in-app HTTP inspector for Android OkHttp clients. Gander intercepts and persists all HTTP requests and responses inside your application, and provides a UI for inspecting their content.
Stars: ✭ 285 (-93.18%)
rhq: Recon Hunt Queries
Stars: ✭ 66 (-98.42%)
PcapViz: Visualize network topologies and collect graph statistics based on pcap files
Stars: ✭ 267 (-93.61%)
nsm-attack: Mapping NSM rules to MITRE ATT&CK
Stars: ✭ 53 (-98.73%)
Graphpath: Graphpath generates an ASCII network diagram from the route table of a Unix/Linux
Stars: ✭ 321 (-92.32%)
Recuperabit: A tool for forensic file system reconstruction.
Stars: ✭ 280 (-93.3%)
arpwitch: A modern arpwatch replacement with JSON formatted outputs and easy options to exec commands when network changes are observed.
Stars: ✭ 20 (-99.52%)
Arduinopcap: A library for creating and sending .pcap files for Wireshark and other programs.
Stars: ✭ 278 (-93.35%)
SnifferUI: A network packet capture and protocol analysis tool built on MFC and the WinPcap library
Stars: ✭ 86 (-97.94%)
Packetq: A tool that provides a basic SQL-frontend to PCAP-files
Stars: ✭ 363 (-91.32%)
Arachne: An always-on framework that performs end-to-end functional network testing for reachability, latency, and packet loss
Stars: ✭ 353 (-91.56%)
Pandorafms: Pandora FMS is a flexible and highly scalable monitoring system ready for big environments. It uses agents (Linux, Windows, AIX, HP-UX, Solaris and BSD systems) and can do both local and remote network monitoring (SNMP v3, TCP checks, WMI, etc).
Stars: ✭ 311 (-92.56%)
Opensource-Endpoint-Monitoring: This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Stars: ✭ 30 (-99.28%)
sniffer: 🤒 A modern alternative network traffic sniffer.
Stars: ✭ 428 (-89.76%)
nmis: NMIS, a flexible Open Source Network Management System
Stars: ✭ 16 (-99.62%)
Detectionlabelk: DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
Stars: ✭ 273 (-93.47%)
pcap-processor: Read and process pcap files using this nifty tool
Stars: ✭ 36 (-99.14%)
Ir Rescue: A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (-92.56%)
Lolbas: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (-8.85%)
pci: Packet communication investigator
Stars: ✭ 82 (-98.04%)
opensnitch: OpenSnitch is a GNU/Linux application firewall
Stars: ✭ 398 (-90.48%)
Bitmeteros: BitMeter OS - a cross-platform bandwidth monitor
Stars: ✭ 266 (-93.64%)
minerchk: Bash script to check for malicious cryptomining
Stars: ✭ 36 (-99.14%)
hashlookup-forensic-analyser: Analyse a forensic target (such as a directory) to find and report files found and not found from the CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
Stars: ✭ 43 (-98.97%)
Thehivedocs: Documentation of TheHive
Stars: ✭ 353 (-91.56%)