Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
-
Updated
Apr 16, 2021
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
A Linux packet crafting tool.
Respounder detects presence of responder in the network.
An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
Mapping NSM rules to MITRE ATT&CK
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
A website and framework for testing NIDS detection
Real-time Packet Observation Tool
Automation of VPC Traffic Mirror Sessions in AWS
Highly customizable low-interaction experimental honeypot that mimics specific hosts.
Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
A Python implementation of the Community ID flow hashing standard
A machine learning program, that detects denial of service attack using machine learning technique.
Go implementation of the Community ID flow hashing standard
A set of tools and procedures for automating NSM and NIDS deployments in AWS
This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server
This repository shows all the hands on experience on Palo Alto Firewall, assignment and projects I have done in My Palo Alto Specialization Journey.
Linux Network Defense Scripting (BASH)
Templates for writing applications using Zeek NSM communication library Broker
A Full Fledged iptables Firewall automation framework For Linux with Log monitoring..
Add a description, image, and links to the network-security-monitoring topic page so that developers can more easily learn about it.
To associate your repository with the network-security-monitoring topic, visit your repo's landing page and select "manage topics."