nsm

There are 12 repositories under nsm topic.

arkime / arkime
Arkime is an open source, large scale, full packet capturing, indexing, and database system.
network-monitoring pcap packet-capture nsm javascript c big-data security
Language:JavaScript 6148
zeek / zeek
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
bro network-monitoring pcap security nsm dfir zeek
Language:C++ 5984
OISF / suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
security ids ips nsm network-monitoring suricata intrusion-detection-system intrusion-prevention-system threat-hunting cybersecurity network-monitor
Language:C 4129
Security-Onion-Solutions / security-onion
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
intrusion-detection network-security-monitoring log-management ids nsm hunting dfir
3056
networkservicemesh / networkservicemesh
The Hybrid/Multi-cloud IP Service Mesh
networking service-mesh kubernetes cloud-native nsm cncf
Language:Go 507
jasonish / evebox
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
security netsec suricata ids ips nsm
Language:Rust 404
mosajjal / dnsmonster
Passive DNS Capture and Monitoring Toolkit
dns dns-server dns-traffic golang nsm passive-dns passivedns pcap security security-tools
Language:Go 306
OISF / suricata-update
The tool for updating your Suricata rules.
suricata security ids ips nsm network-monitoring
Language:Python 238
beave / sagan
** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
security ids ips siem log syslog nsm log-monitoring
231
jasonish / docker-suricata
A Suricata Docker image.
suricata ids nsm docker container podman
Language:Shell 226
travisbgreen / hunting-rules
Suricata rules for network anomaly detection
suricata-rule suricata ids nsm threat-hunting cybersecurity anomaly-detection cyber-threat-intelligence network-security network-monitoring lateral-movement threat-intelligence
145
zeek / packages
The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
bro network-monitoring pcap security nsm package-management packages plugins
130
satta / awesome-suricata
A curated list of awesome things related to Suricata
awesome awesome-list ids ips lists nsm suricata
108
ccdcoe / CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
moloch suricata monitoring nsm network-monitoring packet-capture-and-analysis arkime classroom observability packet-capture security-monitoring training
Language:Jupyter Notebook 96
jackaudio / new-session-manager
Assists music production by grouping standalone programs into sessions. Community version of "Non Session Manager".
linuxaudio nsm session-management jackaudio midi
Language:C++ 77
0xtf / nsm-attack
Mapping NSM rules to MITRE ATT&CK
mitre-attack network-security-monitoring nsm suricata suricata-rules threat-intelligence
69
PolitoInc / ELK-Hunting
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
elk elk-stack elastic elasticsearch logstash kibana filebeat winlogbeat threat-hunting nsm
Language:PowerShell 64
zeek / zeek-docs
Documentation for Zeek
zeek network-monitoring pcap security nsm dfir bro
Language:Zeek 47
zeek / package-manager
A package manager for Zeek
bro network-monitoring pcap security nsm package-manager packages plugin-manager
Language:Python 42
networkservicemesh / deployments-k8s
networking nsm network examples cncf service-mesh containers networkservicemesh
Language:Shell 40
theparanoids / rdfp
Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
network monitoring security nsm threat-hunting fingerprinting rdp
Language:Zeek 37
AlkenePan / awesome-bro
Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
bro nsm awesome
31
jasonish / suricata-trafficid.ARCHIVED
Application and service identification rules for Suricata
suricata ids nsm ips appid
Language:Python 29
OISF / suricata-intel-index
Suricata rule and intel index
suricata intel security rules signatures ids ips nsm
24
mfesiem / msiempy
McAfee SIEM API Python wrapper
mcafee siem api pyhton esm nsm msiem library datasource api-wrapper alarm watchlist filter erc receiver acknowledge monitoring query wrapper
Language:Python 23
piesecurity / docker-moloch
A Docker container for Moloch based on ubuntu
network-monitoring pcap nsm packet-capture docker-compose docker
Language:Shell 23
moshekaplan / awesome-SOC-appliances
A curated list of FOSS software appliances for building a SOC
security incident-response soc nsm dfir list
18
networkservicemesh / examples
Network Service Mesh examples repo
networking nsm networkservicemesh examples
Language:Makefile 15
andrewbeard / broworkshop
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
bro training-materials nsm bsides zeek zeek-ids bro-ids bro-logs workshop
Language:Dockerfile 14
CDAC-SSDG / hpc-containers
This repo holds the containers for HPC applications used and deployed by CDAC SSDG. It is a single point of contact for the container related issues or support required
aarch64 arm hpc tau c-dac gcc hybrid-application mpi nsm profilers ssdg singularity-containers
8
hosom / odd-services
Detect weird services on a network.
bro nsm intrusion-detection
Language:Bro 8
malwareforme / ssl_sigs
Create basic Suricata and Snort signatures to detect an inbound SSL Cert for a single domain as well as a domain in the outbound TLS SNI field.
suricata snort ids ips nsm
Language:Python 8
mellow-hype / bro-stash
Collect and parse Bro logs with Logstash+Filebeat
bro logstash filebeat infosec nsm
8
alias454 / bro-formula
A saltstack formula to install BRO network security monitor on RHEL or Debian based systems
bro ids nsm network security monitoring automation saltstack salt-formula zeek
Language:SaltStack 7
fredriclesomar / Suricata-IDS-IPS-NSM-engine
Suricata config to apply IDPS mode on Ubuntu 18.04 LTS
suricata suricata-rules dos-attack metasploit-modules nmap-scan-script elf-executable hping3 network-security computer-security ubuntu1804 ubuntu-server ids ips nsm nids nips intrusion-detection-system intrusion-prevention-system af-packet
6
0snap / broker-application-templates
Templates for writing applications using Zeek NSM communication library Broker
broker examples templates intrusion-detection-system zeek zeek-ids nsm network-security-monitoring
Language:Python 5