Pinned Repositories
bento
Packer templates for building minimal Vagrant baseboxes for multiple platforms
icsnpp-synchrophasor
Zeek parser for Synchrophasor Data Transfer for Power Systems (C37.118)
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Malcolm-Helm
Malcolm-PCAP
A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
network-architecture-verification-and-validation
The NAVV (Network Architecture Verification and Validation) tool creates a spreadsheet for network traffic analysis from PCAP data and Zeek logs, automating Zeek analysis of PCAP files, the collation of Zeek logs and the dissection of conn.log and dns.log to create a summary of network traffic in an XLSX-formatted spreadsheet.
nginx-auth-ldap
LDAP authentication module for nginx
spicy-asn1
Dummy parser for ASN.1 for Zeek's Spicy
vagrant-libvirt
Vagrant provider for libvirt.
zeek-sniffpass
Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
mmguero-dev's Repositories
mmguero-dev/osd_sankey_vis
Sankey diagram for Kibana visualize.
mmguero-dev/nginx-auth-ldap
LDAP authentication module for nginx
mmguero-dev/protologbeat
Application accepting log data via TCP or UDP to then index the data in Elasticsearch
mmguero-dev/bzar
A set of Zeek scripts to detect ATT&CK techniques.
mmguero-dev/htadmin
HTAdmin is a simple htpasswd editor to secure web content on an Apache web server
mmguero-dev/jenkins-nginx-docker
Jenkins LTS with Nginx reverse proxy in Docker - includes docker-in-docker from Jenkins
mmguero-dev/d3-plugins-sankey
A fork of D3js's Sankey plugin
mmguero-dev/logstash-filter-ieee_oui
Logstash plugin filter to match vendor names to MAC addresses
mmguero-dev/zeek-af_packet-plugin
Plugin providing native AF_Packet support for Zeek (formerly known as Bro).