mmguero-dev's repositories
Malcolm-PCAP
A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
zeek-sniffpass
Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
goStatic
A really small static web server for Docker
icsnpp-dnp3
Zeek DNP3 Extension Scripts - CISA ICSNPP
icsnpp-enip
Zeek Ethernet/IP and CIP Parser - CISA ICSNPP
icsnpp-modbus
Zeek Modbus Extension Scripts - CISA ICSNPP
icsnpp-synchrophasor
Zeek parser for Synchrophasor Data Transfer for Power Systems (C37.118)
osd_transform_vis
OpenSearch-Dashboards plugin to create custom visualisations
spicy-asn1
Dummy parser for ASN.1 for Zeek's Spicy
vagrant-libvirt
Vagrant provider for libvirt.
gait
Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
icsnpp-bacnet
Zeek BACnet Parser - CISA ICSNPP
icsnpp-bsap
Zeek BSAP Parser - CISA ICSNPP
icsnpp-ethercat
Zeek Ethercat Parser - CISA ICSNPP
icsnpp-genisys
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Genisys over TCP/IP
icsnpp-opcua-binary
Zeek OPCUA Binary Parser - CISA ICSNPP
icsnpp-profinet-io-cm
Zeek Profinet I/O Context Manager Parser - CISA ICSNPP
icsnpp-s7comm
Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPP
netbox-initializers
Plugin to load predefined data into Netbox
packages
The default package source of the Zeek Package Manager
zeek-plugin-profinet
Zeek network security monitor plugin that enables parsing of the Profinet protocol
zeek-plugin-tds
Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol
zeek-xor-exe-plugin
Zeek plugin to detect and decrypt XOR-encrypted EXEs