Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Updated Apr 16, 2021
A Linux packet crafting tool.
Respounder detects the presence of Responder in the network.
An open standard for hashing network flows into identifiers, a.k.a. "Community IDs".
Mapping NSM rules to MITRE ATT&CK
A machine learning program that detects denial-of-service attacks using machine learning techniques.
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
A Python implementation of the Community ID flow hashing standard
Real-time Packet Observation Tool
A set of tools and procedures for automating NSM and NIDS deployments in AWS
This repository shows all the hands-on experience with Palo Alto Firewall, assignments and projects I have done in my Palo Alto specialization journey.
Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
A website and framework for testing NIDS detection
Highly customizable low-interaction experimental honeypot that mimics specific hosts.
Go implementation of the Community ID flow hashing standard
Modified version of scan.bro to add destination IP sampling
A full-fledged iptables firewall automation framework for Linux with log monitoring.
Automation of VPC Traffic Mirror Sessions in AWS
Artemis Network Traffic Virus Monitor - Distributed Deployment Edition
A detailed basic setup config for the GNS3 Virtual Machine. This config aims to set up a software-based Intrusion Detection System with the highly popular software IDS "Snort".