activecm/zcutter activecm/zcutter

  • Stars
    star
    17
  • Rank 1,257,181 (Top 25 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 1 year ago
  • Updated 5 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
activecm/zcutter
github

activecm

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Extracts fields from zeek logs, compatible with zeek-cut

More Repositories

1

rita-legacy

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Go
2,500
star
2

BeaKer

Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
Shell
281
star
3

passer

Passive service locator, a python sniffer that identifies servers, clients, names and much more
Python
240
star
4

threat-tools

Tools for simulating threats
Python
166
star
5

rita

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Go
97
star
6

threat-hunting-labs

Collection of walkthroughs on various threat hunting techniques
HTML
73
star
7

espy

Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
Go
66
star
8

docker-zeek

Run zeek with zeekctl in docker
Shell
44
star
9

smudge

Passive OS detection based on SYN packets without Transmitting any Data
Python
42
star
10

pcap-stats

Learn about a network from a pcap file or reading from an interface
Python
25
star
11

bro-install

An Installation Script for Bro IDS on Debian Based Systems
Shell
19
star
12

devprof

Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
Python
16
star
13

sniffer-template

Template for building a packet sniffer
Python
15
star
14

zeek-open-connections

Zeek
12
star
15

ipfix-rita

Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis
Go
10
star
16

rita-bl

Real Intelligence Threat Analytics -- Blacklist Database
Go
8
star
17

mongo-diff

A Python script for diff'ing mongo databases
Python
8
star
18

zeekcfg

A node.cfg generator for zeekctl
Go
6
star
19

zeek-log-transport

This script ships logs from Zeek to AC-Hunter
Shell
5
star
20

pi_show

Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat
Python
5
star
21

shell-lib

Shell Scripts Used Across ActiveCM Projects
Shell
5
star
22

certificate-issues

Identifies certificate problems from Zeek ssl log files
Shell
5
star
23

pi_project_installer

A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian
Shell
5
star
24

rita-blacklist

Real Intelligence Threat Analytics -- Blacklist Database
Go
5
star
25

mgosec

A Small Helper Library For Securing MongoDB Connections with Golang
Go
4
star
26

bro-rita

A bro plugin for writing log data to MongoDB for use with RITA
C++
3
star
27

safelist-tools

Tools for working with the safelist (formerly whitelist)
Go
3
star
28

docker-ca

A Docker Image For OpenSSL Certificate Authorities (For Testing)
Shell
2
star
29

pcap-resources

Support files and tools for pcap analysis and packet capture
2
star
30

zeek-log-clean

Delete Zeek log files until disk usage is under a given threshold
Shell
2
star
31

save_json_stream

JSON TCP stream importer for RITA and AC-Hunter
Python
1
star
32

DBTest

Managed Integration Testing Dependencies via Docker for Go
Go
1
star
33

bro-rita-test

Compares bro-rita against rita's built in parsing
Shell
1
star
34

bro-mongodb

C++
1
star