A Suricata based IDS/IPS/NSM distro
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & ...
Threat-hunting tool for Linux
Transform Linux Audit logs for SIEM usage
#计算机科学#Open-source framework to detect outliers in Elasticsearch events
LDAP Watchdog: A real-time linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, modifications, and deletions for administrators and security rese...
A security monitoring solution for Kubernetes
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
Defensomania is a security monitoring and incident response card game.
Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
A Passive DNS backend and collector
This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server
O24Sec (Object-Oriented Clustering for Security Monitoring)
This repository creates a docker image for NGINX Instance Manager to run it on Kubernetes, Openshift and docker-compose. Optional integration with Second Sight.
#搜索#Serverless Log Search Architecture for Security Monitoring based on Amazon Athena
Using nix(DevOps) to deploy Network Security Monitoring System on Debian
A PowerShell client for retrieving and searching Sysmon logs
Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).