security-monitoring
There are 62 repositories under the security-monitoring topic.
StamusNetworks/Clear-NDR-ISO
A Suricata based NDR distribution
jonrau1/ElectricEye
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
kunai-project/kunai
Threat-hunting tool for Linux
threathunters-io/laurel
Transform Linux Audit logs for SIEM usage
droe/xnumon
Monitor macOS for malicious activity
NVISOsecurity/ee-outliers
Open-source framework to detect outliers in Elasticsearch events
MegaManSec/LDAP-Monitoring-Watchdog
LDAP Watchdog: a real-time, Linux-compatible LDAP monitoring tool for detecting directory changes, giving administrators and security researchers visibility into additions, modifications, and deletions.
k8scop/k8s-security-dashboard
A security monitoring solution for Kubernetes
ccdcoe/CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
Karneades/Defensomania
Defensomania is a security monitoring and incident response card game.
D4-project/sensor-d4-tls-fingerprinting
Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
D4-project/analyzer-d4-passivedns
A Passive DNS backend and collector
Truvis/Splunk_TA_Truvis_Suricata5
This TA takes Suricata 5 data from your port-mirrored Suricata server and makes it readable within Splunk. See the Cheatsheets for how to set up a port-mirrored Suricata server.
kookmin-sw/capstone-2021-18
O24Sec (Object-Oriented Clustering for Security Monitoring)
fabriziofiorucci/NGINX-NIM-Docker
This repository builds a Docker image for NGINX Instance Manager to run it on Kubernetes, OpenShift and docker-compose. Optional integration with Second Sight.
cookpad/minerva
Serverless Log Search Architecture for Security Monitoring based on Amazon Athena
m-mizutani/practical-security-monitoring
Introduction to Security Monitoring (入門セキュリティ監視)
MaheshShukla1/Python-SOC-Security-notes
PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.
StamusNetworks/Clear-NDR-templates
Recipes used by stamusctl to create Clear NDR instances.
hardenedlinux/debian-nix-manager
Using Nix (DevOps) to deploy a Network Security Monitoring system on Debian
0daysimpson/Get-SysmonLogs
A PowerShell client for retrieving and searching Sysmon logs
cdpxe/OpenBSDhacks
Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).
djdarcy/Windows-No-Internet-Secured-BUGFIX
A smart local proxy that fixes the “No Internet, Secured” error in Windows by safely emulating msftconnecttest.com and restoring real connectivity detection.
dfirvault/Splunk-DFIR-Dashboards
A collection of custom-built dashboards for threat hunting.
louisbarrett/Eager-Locomotive
Firehose ElasticSearch Kibana Stack for Security Monitoring
StasonJatham/canary
Canary: phishing detection via Certificate Transparency. Detects phishing domains in near real time as certificates are issued for them, by monitoring Certificate Transparency (CT) logs. Uses the Aho-Corasick algorithm for fast multi-keyword matching, scanning thousands of brand terms simultaneously to flag suspicious certificate issuances within seconds.
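As an added example (not code from the canary project or from this page), the pipeline that description implies: an Aho-Corasick automaton is built once from a list of brand keywords, then run over every DNS name in constructed Certificate Transparency entries, with an allowlist so the brands' own certificates are not flagged. The entry shape (`issuer` plus `all_domains`), the brand list, the allowlist and the sample entries are all assumptions made up for the demonstration.

```python
"""Brand-keyword matching over Certificate Transparency entries (added example)."""
from collections import deque


class AhoCorasick:
    """Multi-pattern matcher. Build once from all keywords, then scan each
    domain in O(len(domain) + hits) regardless of how many keywords there are."""

    def __init__(self, patterns):
        self.goto = [{}]   # state -> {char: next_state}
        self.fail = [0]    # state -> fallback state on mismatch
        self.out = [[]]    # state -> patterns that end at this state
        for p in patterns:
            self._insert(p.lower())
        self._link()

    def _insert(self, pattern):
        state = 0
        for ch in pattern:
            if ch not in self.goto[state]:
                self.goto.append({})
                self.fail.append(0)
                self.out.append([])
                self.goto[state][ch] = len(self.goto) - 1
            state = self.goto[state][ch]
        self.out[state].append(pattern)

    def _link(self):
        # BFS from the root; depth-1 states already fail to the root (0).
        queue = deque(self.goto[0].values())
        while queue:
            r = queue.popleft()
            for ch, s in self.goto[r].items():
                queue.append(s)
                f = self.fail[r]
                while f and ch not in self.goto[f]:
                    f = self.fail[f]
                self.fail[s] = self.goto[f].get(ch, 0)
                # Inherit the outputs of the fallback state so overlapping
                # keywords (e.g. "he" inside "she") are still reported.
                self.out[s] = self.out[s] + self.out[self.fail[s]]

    def find(self, text):
        """Return the sorted set of keywords occurring anywhere in text."""
        state, hits = 0, set()
        for ch in text.lower():
            while state and ch not in self.goto[state]:
                state = self.fail[state]
            state = self.goto[state].get(ch, 0)
            hits.update(self.out[state])
        return sorted(hits)


# Assumed inputs, constructed for this example.
BRANDS = ["paypal", "microsoft", "examplebank"]
ALLOWLIST = {"paypal.com", "microsoft.com", "examplebank.example"}  # the brands' own apexes
SAMPLE_ENTRIES = [  # assumed shape: issuer plus every DNS name on the certificate
    {"issuer": "Example CA", "all_domains": ["login.paypal.com", "*.paypal.com"]},
    {"issuer": "Example CA", "all_domains": ["paypal-secure-login.example.net"]},
    {"issuer": "Example CA", "all_domains": ["MICROSOFT365-verify.example.org", "www.example.org"]},
    {"issuer": "Example CA", "all_domains": ["www.example.com"]},
]


def normalize(name):
    """Lower-case, drop a trailing dot and a leading wildcard label."""
    name = name.strip().lower().rstrip(".")
    return name[2:] if name.startswith("*.") else name


def is_allowlisted(domain, allowlist):
    return any(domain == apex or domain.endswith("." + apex) for apex in allowlist)


def flag_entries(entries, matcher, allowlist):
    """Return (domain, matched_brands, issuer) for every non-allowlisted
    name on a certificate that contains at least one brand keyword."""
    flagged, seen = [], set()
    for entry in entries:
        for raw in entry["all_domains"]:
            domain = normalize(raw)
            if domain in seen or is_allowlisted(domain, allowlist):
                continue
            seen.add(domain)
            brands = matcher.find(domain)
            if brands:
                flagged.append((domain, brands, entry["issuer"]))
    return flagged


if __name__ == "__main__":
    for domain, brands, issuer in flag_entries(SAMPLE_ENTRIES, AhoCorasick(BRANDS), ALLOWLIST):
        print(f"{domain}: brands={brands} issuer={issuer}")
```

Two practical caveats the example does not handle: short or generic brand terms (a three-letter keyword will match a large share of all issued certificates) need a minimum length or an exact-label rule, and internationalised names arrive in CT logs as punycode (`xn--` labels), so homoglyph lookalikes must be decoded before matching.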
alhazred/illumos-fim
IFIM is an illumos fork of Achiefs' File Integrity Monitoring tool; it performs file system analysis and file integrity checking on illumos-based distributions.
aymenmarjan/MISP-Wazuh-Integration
A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.
vxcontrol/vxagent
VXMonitor agent
hq969/Cyber-Threat-Intelligence-Analyzer
Cybersecurity Threat Intelligence Analyzer — Log analysis tool with rule-based detections and ML anomaly detection, featuring a Streamlit dashboard and CLI support.
JohnnyS1lverhand/tinysoc-lightweight-lab
Lightweight SOC lab with ELK, Suricata, ClamAV and Auditd — built and tested on a MacBook Air M1.
KirbysGit/secureScapeApp
🔒📱 A portable security monitoring system that transforms your phone into a command center for AI-powered surveillance - featuring real-time person detection, instant push notifications, and seamless ESP32 hardware integration for complete peace of mind anywhere, anytime.
lucianoscarpaci/Honeypot
Dionaea honeypot project for a Raspberry Pi, set up using Google Cloud Platform. Once Dionaea is properly connected, it is ready to record incoming attackers who try to breach the virtual machine.
RegularGeek/SIEM-Deployment-Threat-Detection-Wazuh-ELK-Log-Analysis
A SIEM deployment project focused on log analysis, threat detection, and security monitoring using Wazuh, ELK Stack, and correlation rules.
secmon-lab/overseer
A security log analysis tool for data lakes that combines SQL queries with Rego policies