Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
-
Updated
Jun 3, 2022 - JavaScript
#
nsm
Here are 50 public repositories matching this topic...
1
good first issue
A good place to get started working with Zeek.
Complexity: Modest
A cup of tea and an evening (or two) with Zeek.
Area: Protocol Analysis
Type: Project
A self-contained project of moderate size/difficulty and somewhat interesting work. E.g. for interns
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
-
Updated
Apr 16, 2021
Suricata git repository maintained by the OISF
-
Updated
Jun 5, 2022 - C
The Hybrid/Multi-cloud IP Service Mesh
-
Updated
Oct 28, 2021 - Go
** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
-
Updated
Feb 9, 2021
The default package source of the Zeek Package Manager
-
Updated
Jun 3, 2022
Suricata rules for network anomaly detection
cybersecurity
suricata
ids
network-monitoring
threat-hunting
nsm
network-security
threat-intelligence
anomaly-detection
suricata-rule
cyber-threat-intelligence
lateral-movement
-
Updated
Jun 3, 2022
Cyber Defence Monitoring Course Suite :: Suricata, Moloch and others
-
Updated
Jun 1, 2022 - Jupyter Notebook
Assists music production by grouping standalone programs into sessions. Community version of "Non Session Manager".
-
Updated
Apr 14, 2022 - C++
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
-
Updated
Oct 31, 2017 - PowerShell
Mapping NSM rules to MITRE ATT&CK
-
Updated
Aug 29, 2020
A package manager for Zeek
-
Updated
Jun 3, 2022 - Python
Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
-
Updated
May 15, 2020 - Zeek
Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
-
Updated
Apr 17, 2020
A Docker container for Moloch based on ubuntu
-
Updated
Jan 24, 2022 - Shell
McAfee SIEM API Python wrapper
api
alarm
wrapper
library
query
monitoring
filter
receiver
api-wrapper
pyhton
siem
nsm
datasource
watchlist
esm
erc
mcafee
msiem
acknowledge
-
Updated
Aug 10, 2021 - Python
Network Service Mesh examples repo
-
Updated
Oct 28, 2021 - Makefile
Monitors Bro NSM logs and sends them to Elasticsearch
-
Updated
Sep 3, 2017 - Python
A saltstack formula to install BRO network security monitor on RHEL or Debian based systems
-
Updated
Aug 18, 2019 - SaltStack
Improve this page
Add a description, image, and links to the nsm topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the nsm topic, visit your repo's landing page and select "manage topics."
We currently have coverage for raw packets, pop3, and dns (in a fashion). It would be good to expand our coverage to other major protocols. I'm currently thinking at least the following:
On top of that, we should take a look at the coverage statistics we're getting from oss-fuzz and determine where the ga