There are 5 repositories under network-security-monitoring topic.
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
A Linux packet crafting tool.
Respounder detects the presence of responder in the network.
An open standard for hashing network flows into identifiers, a.k.a. "Community IDs".
Mapping NSM rules to MITRE ATT&CK
A Zeek Network Security Monitor tutorial that covers the basics of creating a Zeek instance on your network, including all of the necessary hardware and setup, and provides some examples of how you can use the power of Zeek to have absolute control over your network.
A website and framework for testing NIDS detection
Automation of VPC Traffic Mirror Sessions in AWS
Highly customizable low-interaction experimental honeypot that mimics specific hosts.
A Python implementation of the Community ID flow hashing standard
A machine learning program that detects denial-of-service attacks using machine learning techniques.
Go implementation of the Community ID flow hashing standard
A set of tools and procedures for automating NSM and NIDS deployments in AWS
This TA takes Suricata5 data from your port-mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to set up a Suricata port-mirrored server.
This repository shows all the hands-on experience with Palo Alto Firewall, assignments and projects I have done in my Palo Alto specialization journey.
Templates for writing applications using Zeek NSM communication library Broker
Automate the deletion of AWS VPC Traffic Mirror Sessions
zeek network security monitoring NIDS HIDS
Scripts and Notebooks for doing IDS analysis of Zeek/RITA outputs
Check compliance of EC2 instances for session mirroring
Use nmap and other network tools easily and efficiently
network security monitoring NIDS HIDS CTI DFIR
ECE 478 Client Fingerprinting Techniques
This is a full set of CCNA 3 lab answers from start to end, and more. You can comment on it or edit it to add more information about that field, or any update or upgrade to the labs.
Artemis Network Traffic Virus Monitor - Distributed Deployment Edition
A C# .net core implementation of the Community ID flow hashing standard
Use the host-as-sensor model to enumerate security-relevant information about a RHEL host and the surrounding network, identifying and reporting changes via syslog. Written in Python 3.
kubernetes ebpf
openvas network security monitoring NIDS HIDS
VoltSec.io Network Protection is a project aimed at providing network security and firewall functionalities to protect your network from unauthorized access and malicious activities.
A detailed basic setup config for the GNS3 Virtual Machine. This config aims to set up a software-based Intrusion Detection System with the highly popular software IDS "Snort".