"topic:network-security-monitoring" — Search

A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.

Zeek629Updated 3 months ago

broconncybercyber-securitycyber-security-teamcyber-threat-intelligencecybersecurityhackhackinglessonnetworknetwork-analysisnetwork-monitoringnetwork-securitynetwork-security-monitoringnetwork-trafficpcapzeekzeek-instance

0xtf/testmynids.org

A website and framework for testing NIDS detection

Shell573Updated 4 years ago

emergingthreatsnetwork-monitoringnetwork-securitynetwork-security-monitoringnidssnortsuricata

tatsuiman/rpot2

Real-time Packet Observation Tool

Bro396Updated 2 years ago

big-data-analyticselkintelligencemalware-researchnetwork-security-monitoringpcap-analyzerthreat-huntingvirtualizationyara

edoardottt/boggart

Highly customizable low-interaction experimental honeypot that mimics specific hosts.

Go394Updated 1 month ago

attack-detectionblue-teambrute-forcecyber-defensedefensedefensive-securitydos-attackhacktoberfesthoneypothoneypot-httphoneypotslog-analysisnetworknetwork-analysisnetwork-securitynetwork-security-monitoringsecuritysecurity-toolsweb-security

3CORESec/AWS-AutoMirror

Automation of VPC Traffic Mirror Sessions in AWS

JavaScript355Updated 4 months ago

awsaws-lambdaaws-securityaws-security-automationnetwork-security-monitoring

jxnet/JxnetArchived

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

Java284Updated 5 years ago

capture-packetsjavajnilibpcapnetwork-securitynetwork-security-monitoringnpcappacket-analyzerpacket-capturepacket-craftingpacket-snifferpcap-librarysecuritysecurity-auditsecurity-scannersending-packetswinpcap

alonecoder1337/Dos-Attack-Detection-using-Machine-Learning

A machine learning program, that detects denial of service attack using machine learning technique.

Python2514Updated 6 years ago

decision-treesdenial-of-servicemachine-learningnetwork-security-monitoringpythonscikit-learn

corelight/pycommunityid

A Python implementation of the Community ID flow hashing standard

Python2310Updated 2 years ago

community-idflow-hashingnetwork-monitoringnetwork-securitynetwork-security-monitoring

satta/gommunityid

Go implementation of the Community ID flow hashing standard

Go224Updated 11 months ago

brocommunity-idflow-hashinggogolangnetwork-monitoringnetwork-securitynetwork-security-monitoringsuricatazeek

3CORESec/AWS-Mirror-Toolkit

A set of tools and procedures for automating NSM and NIDS deployments in AWS

155Updated 5 years ago

awsaws-lambdaaws-securityaws-security-automationnetwork-security-monitoring

Truvis/Splunk_TA_Truvis_Suricata5

This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server

151Updated 5 years ago

network-securitynetwork-security-monitoringsecuritysecurity-alertssecurity-dashboardsecurity-monitoringsiemsplunksplunk-addonsplunk-alertssplunk-applicationsplunk-enterprisesplunk-hecsplunk-httpsplunk-impact-cloudsplunk-sdksplunk-searchessplunk-securitysplunk-universal-forwardersuricata

3CORESec/AWS-TMS-Remover

Automate the deletion of AWS VPC Traffic Mirror Sessions

Python101Updated 5 years ago

awsaws-securitynetwork-security-monitoringpython-script

Largo-m/Instagram-Phishing-Page

A legal and educational tool for cybersecurity testing and ethical hacking.

HTML72Updated 7 months ago

blue-teamcyber-threat-intelligencecybersecurityethical-hacking-pythonethical-hacking-toolsfakepagehackingincident-responsejavascriptnetwork-security-monitoringpenetration-testingphishing-pagepythonsecurity-automationsocialengineering

tsikerdekis/overnight-hercules-network-security

Overnight Hercules for Network Security: Become a Security Analyst book

71Updated 2 months ago

bookcomputer-sciencenetworknetwork-securitynetwork-security-monitoringopensearchsecuritysecurity-analysissecurity-analystsuricata

imsiddhant/Palo-Alto-Networks-Cybersecurity-Specialization

This repository shows all the hands on experience on Palo Alto Firewall, assignment and projects I have done in My Palo Alto Specialization Journey.

65Updated 5 years ago

firewallfirewall-configurationnetwork-securitynetwork-security-monitoringnetworksecuritypalo-alto-firewallpalo-alto-networksthreat-analyzer

diveyez/fw.sh

Linux Network Defense Scripting (BASH)

Shell51Updated 3 years ago

blacklistsddos-mitigationddos-protectionfirewall-rulesnetsec-toolsnetwork-securitynetwork-security-monitoringoffsec

0snap/broker-application-templates

Templates for writing applications using Zeek NSM communication library Broker

Python50Updated 7 years ago

brokerexamplesintrusion-detection-systemnetwork-security-monitoringnsmtemplateszeekzeek-ids

UHH-ISS/rt-kcsm

Real-Time Detection of Multi-Stage Attacks using Kill Chain State Machines: Detect multi-stage attacks by correlating alerts from Intrusion Detection Systems (IDS) to generate scenario graphs. By prioritising alerts based on the kill chain model the RT-KCSM reduces false-positive alerts.

Jupyter Notebook51Updated 1 week ago

advanced-persistent-threatalert-correlationattack-graphcybersecurityidsintrusion-detectionkill-chainnetwork-securitynetwork-security-monitoringresearchsecuritysecurity-tools

Nervi0z/blue-team-tools

Curated Blue Team toolkit for defensive cybersecurity: asset discovery, vulnerability management, network monitoring, DFIR, threat intelligence, cryptography, endpoint security and SIEM/log management.

41Updated 1 week ago

asset-discoveryblue-teamcybersecuritycybersecurity-toolsdfirdigital-forensicsendpoint-securityincident-responsenetwork-security-monitoringopen-sourcephishing-analysissecurity-toolssiemthreat-intelligencevulnerability-management

vrikodar/Wizard

A Full Fledged iptables Firewall automation framework For Linux with Log monitoring..

Shell32Updated 4 years ago

blockipfirewallfirewall-configurationfirewall-managementfirewall-rulesfirewallsiptables-configurationiptables-firewalliptables-ruleslinux-firewalllinux-securitynetfilter-persistentnetfilter-queuenetwork-securitynetwork-security-monitoring

jsutch/c2_beacon_analysis

Network Intrusion Detection analysis and enhancement of IDS tool outputs to identify probable bad actors/malware versus distracting corpware beacons

Jupyter Notebook31Updated 1 year ago

beaconsblue-teamc2idsjupyter-notebooknetwork-security-monitoringnidsritasecurity-toolsthreat-huntingthreat-intelligencezeek

Montimage/mmt-manual

Documentation of the MMT (Montimage Monitoring Tool) framework