• Stars: 17
• Rank: 1,257,181 (Top 25 %)
• Language: Python
• License: GNU General Publi...
• Created over 1 year ago
• Updated 4 months ago


Repository Details

Extracts fields from Zeek logs by name; compatible with zeek-cut.
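The point of a zeek-cut-compatible extractor is that columns are selected by the names in the log's #fields header, not by position: the column order of conn.log and friends differs between Zeek versions and local configurations, so a plain `cut -f` silently picks the wrong field once the layout changes. The following is an added example written for this page, not the repository's own code, showing how such an extractor reads the Zeek ASCII/TSV header (#separator, #fields, #types), selects named columns, optionally renders `time` fields in readable form, and copes with several logs concatenated on stdin. The sample conn.log is constructed; the UTC ISO-8601 timestamp format is this example's choice (zeek-cut -d prints local time).

```python
"""zeek-cut-style field extraction for Zeek TSV logs.

Added example (not the repository's own code). Selects columns by the
names in the #fields header rather than by position, so the extraction
stays correct when a log's column order differs between Zeek versions
or local configurations.
"""
import argparse
import sys
from datetime import datetime, timezone

# Constructed sample conn.log in Zeek's ASCII/TSV format (not real data).
# Zeek writes "#separator \x09" with a literal backslash sequence and a
# space; every later header line uses the declared separator (a tab).
SAMPLE_CONN_LOG = (
    "#separator \\x09\n"
    "#set_separator\t,\n"
    "#empty_field\t(empty)\n"
    "#unset_field\t-\n"
    "#path\tconn\n"
    "#open\t2024-01-01-00-00-00\n"
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tduration\n"
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tinterval\n"
    "1704067200.123456\tCa1b2c3\t10.0.0.5\t51234\t203.0.113.7\t443\ttcp\t1.5\n"
    "1704067260.000000\tCd4e5f6\t10.0.0.6\t51235\t203.0.113.8\t53\tudp\t-\n"
    "#close\t2024-01-01-00-01-00\n"
)


def parse_separator(line):
    """Decode the escaped separator from a '#separator \\x09' header line."""
    _, _, raw = line.partition(" ")
    return raw.encode("ascii").decode("unicode_escape")


def iter_records(lines):
    """Yield (field_names, field_types, row) for every data row.

    Header state is reset whenever a new #fields line appears, so several
    logs concatenated together (e.g. `cat conn.*.log`) are handled even if
    their column layouts differ from one another.
    """
    sep = "\t"
    names = types = None
    for line in lines:
        line = line.rstrip("\r\n")
        if not line:
            continue
        if line.startswith("#separator"):
            sep = parse_separator(line)
        elif line.startswith("#"):
            key, _, rest = line.partition(sep)
            if key == "#fields":
                names, types = rest.split(sep), None
            elif key == "#types":
                types = rest.split(sep)
            # #path, #open, #close and the other header lines carry no columns
        else:
            if names is None:
                raise ValueError("data row encountered before a #fields header")
            row = line.split(sep)
            if len(row) != len(names):
                raise ValueError(f"expected {len(names)} columns, got {len(row)}: {line!r}")
            yield names, types, row


def zeek_cut(lines, wanted=None, readable_time=False, unset="-"):
    """Return the selected columns of each record as a list of string lists.

    wanted: field names in output order (None means every field, like
    running zeek-cut with no arguments). readable_time formats fields of
    Zeek type `time` as UTC ISO-8601; unset values ("-") are passed through.
    """
    out = []
    for names, types, row in iter_records(lines):
        rec = dict(zip(names, row))
        typ = dict(zip(names, types or []))
        selected = []
        for col in wanted or names:
            if col not in rec:
                raise KeyError(f"field {col!r} not present in this log's #fields header")
            value = rec[col]
            if readable_time and typ.get(col) == "time" and value != unset:
                ts = datetime.fromtimestamp(float(value), tz=timezone.utc)
                value = ts.strftime("%Y-%m-%dT%H:%M:%SZ")
            selected.append(value)
        out.append(selected)
    return out


if __name__ == "__main__":
    ap = argparse.ArgumentParser(description="Cut named fields from a Zeek TSV log on stdin")
    ap.add_argument("fields", nargs="*", help="field names to output (default: all)")
    ap.add_argument("-d", dest="readable", action="store_true", help="print time fields as UTC ISO-8601")
    ap.add_argument("-F", dest="ofs", default="\t", help="output field separator")
    args = ap.parse_args()
    for cols in zeek_cut(sys.stdin, args.fields or None, readable_time=args.readable):
        print(args.ofs.join(cols))
```

Usage mirrors zeek-cut: `cat conn.log | python3 zcut.py -d ts id.orig_h id.resp_h id.resp_p`. Requesting a field that a given log does not declare raises rather than silently emitting an empty column, which is the failure you want to notice when hunting across logs from mixed sensor versions.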

More Repositories

1. rita-legacy (Go, 2,500 stars): Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
2. BeaKer (Shell, 281 stars): Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
3. passer (Python, 240 stars): Passive service locator, a python sniffer that identifies servers, clients, names and much more
4. threat-tools (Python, 166 stars): Tools for simulating threats
5. rita (Go, 97 stars): Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
6. threat-hunting-labs (HTML, 73 stars): Collection of walkthroughs on various threat hunting techniques
7. espy (Go, 66 stars): Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
8. docker-zeek (Shell, 44 stars): Run zeek with zeekctl in docker
9. smudge (Python, 42 stars): Passive OS detection based on SYN packets without Transmitting any Data
10. pcap-stats (Python, 25 stars): Learn about a network from a pcap file or reading from an interface
11. bro-install (Shell, 19 stars): An Installation Script for Bro IDS on Debian Based Systems
12. devprof (Python, 16 stars): Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
13. sniffer-template (Python, 15 stars): Template for building a packet sniffer
14. zeek-open-connections (Zeek, 12 stars)
15. ipfix-rita (Go, 10 stars): Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis
16. rita-bl (Go, 8 stars): Real Intelligence Threat Analytics -- Blacklist Database
17. mongo-diff (Python, 8 stars): A Python script for diff'ing mongo databases
18. zeekcfg (Go, 6 stars): A node.cfg generator for zeekctl
19. zeek-log-transport (Shell, 5 stars): This script ships logs from Zeek to AC-Hunter
20. pi_show (Python, 5 stars): Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat
21. shell-lib (Shell, 5 stars): Shell Scripts Used Across ActiveCM Projects
22. certificate-issues (Shell, 5 stars): Identifies certificate problems from Zeek ssl log files
23. pi_project_installer (Shell, 5 stars): A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian
24. rita-blacklist (Go, 5 stars): Real Intelligence Threat Analytics -- Blacklist Database
25. mgosec (Go, 4 stars): A Small Helper Library For Securing MongoDB Connections with Golang
26. bro-rita (C++, 3 stars): A bro plugin for writing log data to MongoDB for use with RITA
27. safelist-tools (Go, 3 stars): Tools for working with the safelist (formerly whitelist)
28. docker-ca (Shell, 2 stars): A Docker Image For OpenSSL Certificate Authorities (For Testing)
29. pcap-resources (2 stars): Support files and tools for pcap analysis and packet capture
30. zeek-log-clean (Shell, 2 stars): Delete Zeek log files until disk usage is under a given threshold
31. save_json_stream (Python, 1 star): JSON TCP stream importer for RITA and AC-Hunter
32. DBTest (Go, 1 star): Managed Integration Testing Dependencies via Docker for Go
33. bro-rita-test (Shell, 1 star): Compares bro-rita against rita's built in parsing
34. bro-mongodb (C++, 1 star)