Pinned Repositories
bento
Packer templates for building minimal Vagrant baseboxes for multiple platforms
icsnpp-synchrophasor
Zeek parser for Synchrophasor Data Transfer for Power Systems (C37.118)
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Malcolm-Helm
Malcolm-PCAP
A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
nginx-auth-ldap
LDAP authentication module for nginx
spicy-asn1
Dummy parser for ASN.1 for Zeek's Spicy
vagrant-libvirt
Vagrant provider for libvirt.
zeek-sniffpass
Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
mmguero-dev's Repositories
mmguero-dev/Malcolm-PCAP
A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
mmguero-dev/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
mmguero-dev/arkime
Moloch is an open source, large scale, full packet capturing, indexing, and database system.
mmguero-dev/bento
Packer templates for building minimal Vagrant baseboxes for multiple platforms
mmguero-dev/bzar
A set of Zeek scripts to detect ATT&CK techniques.
mmguero-dev/icsnpp-dnp3
Zeek DNP3 Extension Scripts - CISA ICSNPP
mmguero-dev/icsnpp-enip
Zeek Ethernet/IP and CIP Parser - CISA ICSNPP
mmguero-dev/icsnpp-modbus
Zeek Modbus Extension Scripts - CISA ICSNPP
mmguero-dev/icsnpp-synchrophasor
Zeek parser for Synchrophasor Data Transfer for Power Systems (C37.118)
mmguero-dev/Malcolm-Helm
mmguero-dev/osd_transform_vis
OpenSearch-Dashboards plugin to create custom visualisations
mmguero-dev/ACID
mmguero-dev/icsnpp-bacnet
Zeek BACnet Parser - CISA ICSNPP
mmguero-dev/icsnpp-bsap
Zeek BSAP Parser - CISA ICSNPP
mmguero-dev/icsnpp-ethercat
Zeek Ethercat Parser - CISA ICSNPP
mmguero-dev/icsnpp-ge-srtp
Zeek GE SRTP Parser - CISA ICSNPP
mmguero-dev/icsnpp-genisys
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Genisys over TCP/IP
mmguero-dev/icsnpp-hart-ip
Zeek HART-IP Parser - CISA ICSNPP
mmguero-dev/icsnpp-opcua-binary
Zeek OPCUA Binary Parser - CISA ICSNPP
mmguero-dev/icsnpp-profinet-io-cm
Zeek Profinet I/O Context Manager Parser - CISA ICSNPP
mmguero-dev/icsnpp-s7comm
Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPP
mmguero-dev/lru_reredux
An efficient optionally thread safe LRU Cache
mmguero-dev/Malcolm-Test
mmguero-dev/misc-debug
miscellaneous stuff for debugging and collaboration
mmguero-dev/netbox-initializers
Plugin to load predefined data into Netbox
mmguero-dev/packages
The default package source of the Zeek Package Manager
mmguero-dev/polyglot
Cross-compiling toolchain environment and minimalistic C library.
mmguero-dev/polyglot-libc
The C library component of Polyglot.
mmguero-dev/zeek-iec104
A Zeek Parser for the IEC 104 protocol built using Spicy.
mmguero-dev/zeek-spicy-ospf
A Zeek OSPF packet analyzer based on Spicy.