network-security-monitoring

There are 5 repositories under network-security-monitoring topic.

• Security-Onion-Solutions / security-onion

  Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

  intrusion-detectionnetwork-security-monitoringlog-managementidsnsmhuntingdfir
  3057

• rafael-santiago / pig

  A Linux packet crafting tool.

  packet-craftingnetworkinghacking-toolintrusion-preventionforensicsnetwork-analysisnetwork-security-monitoringdenial-of-servicehackingnetwork-protocolsnetwork-testarp-spoofing
  Language:C 459

• codeexpress / respounder

  Respounder detects presence of responder in the network.

  respondergolangnetwork-security-monitoringnetwork-securityhackersllmnrcomputer-securityblue-teamattack-preventionattack-defense
  Language:Go 311

• corelight / community-id-spec

  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".

  flow-hashingnetwork-monitoringnetwork-securitynetwork-flownetwork-security-monitoringcommunity-id
  Language:Python 162

• 0xtf / nsm-attack

  Mapping NSM rules to MITRE ATT&CK

  mitre-attacknetwork-security-monitoringnsmsuricatasuricata-rulesthreat-intelligence
  69

• mytechnotalent / Zeek-Network-Security-Monitor

  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

  zeekbronetwork-securitycybersecuritycyber-securitycybercyber-threat-intelligencecyber-security-teampcapnetwork-trafficnetwork-analysisnetwork-monitoringnetworkzeek-instancelessonconnnetwork-security-monitoringhackinghack
  Language:Zeek 58
• testmynids.org

  0xtf / testmynids.org

  A website and framework for testing NIDS detection

  network-securitynetwork-monitoringsuricatanetwork-security-monitoringsnortemergingthreatsnids
  Language:Shell 56

• tatsuiman / rpot2

  Real-time Packet Observation Tool

  intelligencethreat-huntingpcap-analyzerelkbig-data-analyticsvirtualizationnetwork-security-monitoringmalware-researchyara
  Language:Bro 39
• AWS-AutoMirror

  3CORESec / AWS-AutoMirror

  Automation of VPC Traffic Mirror Sessions in AWS

  awsaws-lambdanetwork-security-monitoringaws-securityaws-security-automation
  Language:JavaScript 33

• edoardottt / boggart

  Highly customizable low-interaction experimental honeypot that mimics specific hosts.

  honeypothoneypotsblue-teamdefensedefensive-securitynetworksecuritycyber-defensehoneypot-httpnetwork-analysisnetwork-securityweb-securitybrute-forcedos-attackhacktoberfestlog-analysissecurity-toolsattack-detectionnetwork-security-monitoring
  Language:Go 27

• jxnet / Jxnet

  Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

  packet-capturepacket-snifferlibpcapnpcapwinpcapjavapcap-librarysending-packetscapture-packetsjnipacket-craftingpacket-analyzersecuritysecurity-scannersecurity-auditnetwork-securitynetwork-security-monitoring
  Language:Java 26

• corelight / pycommunityid

  A Python implementation of the Community ID flow hashing standard

  flow-hashingnetwork-monitoringnetwork-securitynetwork-security-monitoringcommunity-id
  Language:Python 24

• alonecoder1337 / Dos-Attack-Detection-using-Machine-Learning

  A machine learning program, that detects denial of service attack using machine learning technique.

  machine-learningpythonscikit-learndecision-treesdenial-of-servicenetwork-security-monitoring
  Language:Python 22

• satta / gommunityid

  Go implementation of the Community ID flow hashing standard

  flow-hashingnetwork-monitoringnetwork-securitynetwork-security-monitoringcommunity-idsuricatazeekbrogogolang
  Language:Go 18
• AWS-Mirror-Toolkit

  3CORESec / AWS-Mirror-Toolkit

  A set of tools and procedures for automating NSM and NIDS deployments in AWS

  awsaws-lambdanetwork-security-monitoringaws-securityaws-security-automation
  16

• Truvis / Splunk_TA_Truvis_Suricata5

  This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server

  splunksplunk-applicationsplunk-addonsplunk-securitysiemsuricatasecuritysecurity-dashboardsecurity-monitoringsecurity-alertsnetwork-securitynetwork-security-monitoringsplunk-alertssplunk-httpsplunk-enterprisesplunk-searchessplunk-universal-forwardersplunk-hecsplunk-impact-cloudsplunk-sdk
  14

• imsiddhant / Palo-Alto-Networks-Cybersecurity-Specialization

  This repository shows all the hands on experience on Palo Alto Firewall, assignment and projects I have done in My Palo Alto Specialization Journey.

  palo-alto-firewallnetworksecuritynetwork-security-monitoringnetwork-securityfirewall-configurationfirewallthreat-analyzerpalo-alto-networks
  6

• 0snap / broker-application-templates

  Templates for writing applications using Zeek NSM communication library Broker

  brokerexamplestemplatesintrusion-detection-systemzeekzeek-idsnsmnetwork-security-monitoring
  Language:Python 5

• diveyez / fw.sh

  Linux Network Defense Scripting (BASH)

  blacklistsddos-mitigationddos-protectionfirewall-rulesnetsec-toolsnetwork-securitynetwork-security-monitoringoffsec
  Language:Shell 5
• AWS-TMS-Remover

  3CORESec / AWS-TMS-Remover

  Automate the deletion of AWS VPC Traffic Mirror Sessions

  awsnetwork-security-monitoringaws-securitypython-script
  Language:Python 3

• vrikodar / Wizard

  A Full Fledged iptables Firewall automation framework For Linux with Log monitoring..

  firewall-ruleslinux-firewallblockipfirewall-managementfirewall-configurationfirewallsiptables-firewalliptables-configurationiptables-rulesnetfilter-queuenetfilter-persistentfirewalllinux-securitynetwork-security-monitoringnetwork-security
  Language:Shell 3

• githubfoam / zeek-sandbox

  zeek network security monitoring NIDS HIDS

  zeeknetwork-security-monitoringhost-basedintrusion-detection-systemhidsnidsnetwork-baseddigital-forensics-incident-responsedigital-forensic-readinesscyber-threat-intelligencepipeline
  Language:Ruby 2

• jsutch / RITA_Scripts

  Scripts and Notebooks for doing IDS analysis of Zeek/RITA outputs

  network-security-monitoringzeekritajupyter-notebooksecurity-toolsidsnidsc2beaconsblue-teamthreat-huntingthreat-intelligence
  Language:Jupyter Notebook 2
• AWS-Config-MirrorSession

  3CORESec / AWS-Config-MirrorSession

  Check compliance of EC2 instances for session mirroring

  awsaws-lambdaaws-configaws-config-rulesaws-securitynetwork-security-monitoringaws-security-automation
  Language:JavaScript 1

• adkauf / nmap-mon

  Automated monitoring and alerting for network changes

  network-security-monitoringnmap
  Language:Shell 1

• ArcticDev78 / netsploit-py

  Use nmap and other network tools easily and efficiently

  device-infonetworknetwork-scannernetwork-securitynetwork-security-monitoringnetwork-statisticsnetworkingnetworking-in-pythonnmappython
  Language:Python 1

• githubfoam / suricata-sandbox

  network security monitoring NIDS HIDS CTI DFIR

  network-security-monitoringnidshidshost-basednetwork-basedartificial-intelligencedigital-forensics-incident-responsedigital-forensic-readinesscyber-threat-intelligence
  1

• tristanluther28 / network_security_project

  ECE 478 Client Fingerprinting Techniques

  network-securitynetwork-security-monitoring
  Language:PHP 1

• 7elmie / CCNA-3-Lab-S-4-U

  This a Full CCNA 3 Lab'S Ans From the Start To the End and More Can You Comment in that or edit to more since or information about that field or any update or upgrade about that Lab'S

  answerslablabsnetworknetwork-analysisnetwork-programmingnetwork-programming-labnetwork-securitynetwork-security-monitoringnetworkingpktpkt-files
  0

• atw31337 / artemis-distributed

  Artemis Network Traffic Virus Monitor - Distributed Deployment Edition

  virus-scanningnetwork-securitynetwork-security-monitoringvirus-detectionmalware-detection
  Language:Shell 0

• decompile / community-id-dotnet-core

  A C# .net core implementation of the Community ID flow hashing standard

  network-flownetwork-monitoringnetwork-security-monitoringnetwork-secuirtyflow-hashingcommunity-id
  Language:C# 0

• lanl / rhelhostinfo

  Use the host-as-sensor model to enumerate security-relevant information about a RHEL host and the surrounding network, identifying and reporting changes via syslog. Written in python3.

  python3cybersecurityinformation-securityredhat-enterprise-linuxredhat7redhat8continuous-monitoringhost-discoveryhost-monitoringnetwork-securitynetwork-security-monitoringsecurity
  Language:Python 0

• githubfoam / k8s-ebpf-sandbox

  kubernetes ebpf

  kubernetesebpfnetwork-security-monitoringnetwork-observabilitypipeline
  Language:Shell

• githubfoam / openvas-sandbox

  openvas network security monitoring NIDS HIDS

  openvasnidshidsvulnerability-scannersvulnerability-detectionnetwork-security-monitoring
  Language:Jinja

• VotSec-io / VoltSec.io-Network-Protection

  VoltSec.io Network Protection is a project aimed at providing network security and firewall functionalities to protect your network from unauthorized access and malicious activities.

  network-securitygolangnetwork-security-monitoring
  Language:Go

• wahaj / Snort-IDS

  A detailed basic setup config for the GNS3 Virtual Machine. This config aims to setup a software-based Intrusion Detection System with the highly popular software IDS "Snort"

  gns3vmintrusion-detection-systemsnortnetwork-security-monitoring