Beast code in Giters

mmguero-dev's repositories

Malcolm-PCAP

A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.

Language:Python29 30

Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

Language:PythonNOASSERTION9 20

network-architecture-verification-and-validation

The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary or network traffic in an XLSX-formatted spreadsheet.

Language:PythonBSD-3-Clause100

zeek-sniffpass

Sniffpass will alert on cleartext passwords discovered in HTTP POST requests

Language:ZeekBSD-3-Clause100

arkime

Moloch is an open source, large scale, full packet capturing, indexing, and database system.

Language:JavaScriptApache-2.0010

bento

Packer templates for building minimal Vagrant baseboxes for multiple platforms

Language:HCLApache-2.0010

goStatic

A really small static web server for Docker

Language:GoGPL-2.0000

htadmin

HTAdmin is a simple htpasswd editor to secure web content on an apache web server

Language:PHP010

icsnpp-dnp3

Zeek DNP3 Extension Scripts - CISA ICSNPP

Language:ZeekBSD-3-Clause000

icsnpp-enip

Zeek Ethernet/IP and CIP Parser - CISA ICSNPP

Language:ZeekBSD-3-Clause010

jekyll-serve

Jekyll in a Docker Container For Easy SSG Development

Language:DockerfileMIT000

Malcolm-Helm

Language:Smarty000

osd_transform_vis

OpenSearch-Dashboards plugin to create custom visualisations

Language:TypeScriptApache-2.0000

vagrant-libvirt

Vagrant provider for libvirt.

Language:RubyMIT000

gait

Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies

Language:ZeekNOASSERTION000

icsnpp-bacnet

Zeek BACnet Parser - CISA ICSNPP

Language:JavaScriptBSD-3-Clause000

icsnpp-bsap

Zeek BSAP Parser - CISA ICSNPP

Language:JavaScriptBSD-3-Clause000

icsnpp-ethercat

Zeek Ethercat Parser - CISA ICSNPP

Language:C++BSD-3-Clause010

icsnpp-genisys

Industrial Control Systems Network Protocol Parsers (ICSNPP) - Genisys over TCP/IP

Language:PythonBSD-3-Clause000

icsnpp-modbus

Zeek Modbus Extension Scripts - CISA ICSNPP

Language:ZeekBSD-3-Clause000

icsnpp-opcua-binary

Zeek OPCUA Binary Parser - CISA ICSNPP

Language:JavaScriptBSD-3-Clause000

icsnpp-profinet-io-cm

Zeek Profinet I/O Context Manager Parser - CISA ICSNPP

Language:ZeekBSD-3-Clause000

icsnpp-s7comm

Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPP

Language:JavaScriptBSD-3-Clause000

icsnpp-synchrophasor

Zeek parser for Synchrophasor Data Transfer for Power Systems (C37.118)

Language:ZeekBSD-3-Clause000

netbox-initializers

Plugin to load predefined data into Netbox

Language:PythonApache-2.0000

packages

The default package source of the Zeek Package Manager

000

parsnip

Language:PythonNOASSERTION000

zeek-plugin-profinet

Zeek network security monitor plugin that enables parsing of the Profinet protocol

Language:ZeekBSD-3-Clause000

zeek-plugin-tds

Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol

Language:ZeekBSD-3-Clause000

zeek-xor-exe-plugin

Zeek plugin to detect and decrypt XOR-encrypted EXEs

Language:C++BSD-3-Clause000