• Stars: 2
• Language
• License: GNU General Publi...
• Created over 2 years ago
• Updated over 2 years ago

Repository Details

Support files and tools for pcap analysis and packet capture

More Repositories

1. rita-legacy (Go, 2,500 stars): Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
2. BeaKer (Shell, 281 stars): Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
3. passer (Python, 240 stars): Passive service locator, a python sniffer that identifies servers, clients, names and much more
4. threat-tools (Python, 166 stars): Tools for simulating threats
5. rita (Go, 97 stars): Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
6. threat-hunting-labs (HTML, 73 stars): Collection of walkthroughs on various threat hunting techniques
7. espy (Go, 66 stars): Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
8. docker-zeek (Shell, 44 stars): Run zeek with zeekctl in docker
9. smudge (Python, 42 stars): Passive OS detection based on SYN packets without Transmitting any Data
10. pcap-stats (Python, 25 stars): Learn about a network from a pcap file or reading from an interface
11. bro-install (Shell, 19 stars): An Installation Script for Bro IDS on Debian Based Systems
12. zcutter (Python, 17 stars): Extracts fields from zeek logs, compatible with zeek-cut
13. devprof (Python, 16 stars): Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
14. sniffer-template (Python, 15 stars): Template for building a packet sniffer
15. zeek-open-connections (Zeek, 12 stars)
16. ipfix-rita (Go, 10 stars): Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis
17. rita-bl (Go, 8 stars): Real Intelligence Threat Analytics -- Blacklist Database
18. mongo-diff (Python, 8 stars): A Python script for diff'ing mongo databases
19. zeekcfg (Go, 6 stars): A node.cfg generator for zeekctl
20. zeek-log-transport (Shell, 5 stars): This script ships logs from Zeek to AC-Hunter
21. pi_show (Python, 5 stars): Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat
22. shell-lib (Shell, 5 stars): Shell Scripts Used Across ActiveCM Projects
23. certificate-issues (Shell, 5 stars): Identifies certificate problems from Zeek ssl log files
24. pi_project_installer (Shell, 5 stars): A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian
25. rita-blacklist (Go, 5 stars): Real Intelligence Threat Analytics -- Blacklist Database
26. mgosec (Go, 4 stars): A Small Helper Library For Securing MongoDB Connections with Golang
27. bro-rita (C++, 3 stars): A bro plugin for writing log data to MongoDB for use with RITA
28. safelist-tools (Go, 3 stars): Tools for working with the safelist (formerly whitelist)
29. docker-ca (Shell, 2 stars): A Docker Image For OpenSSL Certificate Authorities (For Testing)
30. zeek-log-clean (Shell, 2 stars): Delete Zeek log files until disk usage is under a given threshold
31. save_json_stream (Python, 1 star): JSON TCP stream importer for RITA and AC-Hunter
32. DBTest (Go, 1 star): Managed Integration Testing Dependencies via Docker for Go
33. bro-rita-test (Shell, 1 star): Compares bro-rita against rita's built in parsing
34. bro-mongodb (C++, 1 star)