Stephen Hosom's repositories
file-extraction
Extract files from network traffic with Zeek.
dummy-connections
Create connection records without having real connections.
log-filters
Common log filters for Zeek IDS
opencanary
Modular and decentralised honeypot
bro-environment
Learn and document your environment with Bro IDS.
bro-packages
Bro packages. Possibly unstable. I release here before anywhere else.
brointelutils
Utilities for Bro Intel Sources
cbapi-python
Carbon Black API - Python language bindings
docker-bro
Bro IDS Dockerfile
known-dhcp-nets
Log DHCP networks seen assigned by DHCP servers
nrol-39-logo
A vector PDF of the official mission logo of NROL-39
octokit.rb
Ruby toolkit for the GitHub API
recently-compiled-pes
Detect PE files with a recent compile time.
stenographer
Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
vault-ruby
The official Ruby client for HashiCorp's Vault
vscode_notes_template
Template repository for building notebooks in VS Code
windows-event-forwarding
A repository for using Windows Event Forwarding for incident detection and response
WindowsEventForwarding
Documentation and files for Windows Event Forwarding