hosom

followers

0

following

stars

@github

Stephen Hosom's repositories

file-extraction

Extract files from network traffic with Zeek.

Language:ZeekBSD-3-Clause100 13 12

bro-otx

Integrate Zeek with Alienvault OTX

Language:PythonBSD-3-Clause24 2 5

svalinn

Windows Password Filter

Language:C++BSD-3-Clause5 10

bro-ja3

ja3 ssl fingerprinting for bro

Language:BroBSD-3-Clause2 1 1

bro-oui

Add an OUI lookup to Bro IDS.

Language:BroBSD-3-Clause1 10

dummy-connections

Create connection records without having real connections.

Language:BroBSD-3-Clause1 10

log-filters

Common log filters for Zeek IDS

Language:ZeekBSD-3-Clause1 10

opencanary

Modular and decentralised honeypot

Language:PythonBSD-3-Clause1 10

bro-cron

Schedule shell commands with Bro.

Language:BroBSD-3-Clause010

bro-environment

Learn and document your environment with Bro IDS.

Language:BroBSD-3-Clause020

bro-packages

Bro packages. Possibly unstable. I release here before anywhere else.

BSD-3-Clause010

broctl

Tool for managing Bro deployments.

Language:PythonNOASSERTION010

brointelutils

Utilities for Bro Intel Sources

Language:Go010

broker

Bro's Messaging Library

Language:C++NOASSERTION010

cbapi-python

Carbon Black API - Python language bindings

Language:PythonNOASSERTION010

docker-bro

Bro IDS Dockerfile

Language:BroMIT010

heimdall

very simple blocklist daemon

BSD-3-Clause010

known-dhcp-nets

Log DHCP networks seen assigned by DHCP servers

Language:BroBSD-3-Clause010

nrol-39-logo

A vector PDF of the official mission logo of NROL-39

010

ntdedupe

napatech based packet deduplication tool

Language:C++BSD-3-Clause010

octokit.rb

Ruby toolkit for the GitHub API

Language:RubyMIT000

packages

The default package source of the Zeek Package Manager

010

recently-compiled-pes

Detect PE files with a recent compile time.

Language:BroBSD-3-Clause010

stenographer

Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com

Language:GoApache-2.0010

ufbuilder

Shell utilities to generate self extracting installers for the Splunk Universal Forwarder.

Language:ShellBSD-3-Clause010

vault-ruby

The official Ruby client for HashiCorp's Vault

Language:RubyMPL-2.0000

vscode_notes_template

Template repository for building notebooks in vscode

BSD-3-Clause020

windows-event-forwarding

A repository for using windows event forwarding for incident detection and response

Language:RoffNOASSERTION010

WindowsEventForwarding

Documentation and files for Windows Event Forwarding

Language:RoffBSD-3-Clause010

zeek

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Language:BroNOASSERTION010