GitHub topics: security-monitoring
agtkh/UDP-DNS-Query-Analyzer
A Linux kernel module that captures and analyzes UDP DNS queries using Netfilter. It hooks into the network stack to inspect DNS packets, extracts the queried domain name (QNAME), and logs the details (source IP, destination IP, QNAME) to the kernel log.
Language: C - Size: 22.5 KB - Last synced at: about 12 hours ago - Pushed at: about 13 hours ago - Stars: 0 - Forks: 0

pratiyk/Link-Load
A modular cybersecurity platform for scanning malicious links, monitoring threats, and integrating secure-by-design practices in applications. Link & Load helps developers, analysts, and small businesses stay ahead of cyber threats by offering a security-first, plug-and-play system.
Language: JavaScript - Size: 42.2 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

kunai-project/kunai
Threat-hunting tool for Linux
Language: Rust - Size: 1.2 MB - Last synced at: 11 days ago - Pushed at: about 2 months ago - Stars: 946 - Forks: 69

djdarcy/Windows-No-Internet-Secured-BUGFIX
A smart local proxy that fixes the “No Internet, Secured” error in Windows by safely emulating msftconnecttest.com and restoring real connectivity detection.
Language: Python - Size: 557 KB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 3 - Forks: 0

lucianoscarpaci/Honeypot
Dionaea Raspberry Pi honeypot project, set up using Google Cloud Platform. Once Dionaea is properly connected, it will be ready to pick up incoming attackers who may try to breach the security of the virtual machine.
Language: Dockerfile - Size: 737 KB - Last synced at: 9 days ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

threathunters-io/laurel
Transform Linux Audit logs for SIEM usage
Language: Rust - Size: 694 KB - Last synced at: 28 days ago - Pushed at: 28 days ago - Stars: 773 - Forks: 62

aditya8Raj/cybersec-log-analyzer
A comprehensive Python tool for SOC analysts to detect suspicious activities in system logs. Features brute-force detection, SSH analysis, threat assessment, and professional reporting. No external dependencies, production-ready, with full test coverage.
Language: Python - Size: 0 Bytes - Last synced at: 29 days ago - Pushed at: 29 days ago - Stars: 0 - Forks: 0

RegularGeek/SIEM-Deployment-Threat-Detection-Wazuh-ELK-Log-Analysis
A SIEM deployment project focused on log analysis, threat detection, and security monitoring using Wazuh, ELK Stack, and correlation rules.
Size: 3.91 KB - Last synced at: 30 days ago - Pushed at: 30 days ago - Stars: 0 - Forks: 0

YangYang-Research/whale-sentinel-controllers
The Whale Sentinel Controllers
Size: 4.88 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

secmon-lab/overseer
A security log analysis tool for data lake with combination of SQL query and Rego policy
Language: Go - Size: 340 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

stevenvik/soc-analyst-resources
SOC analyst tools, SIEM configurations, and security incident response playbooks
Size: 1.95 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

Ariel-Rocha/Projeto_Sistemas_Deteccao-Intrusao
Intrusion Detection System with Log Analysis - Cybersecurity Project
Language: Python - Size: 53.7 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

doomygloom/CmdScope
A lightweight Linux daemon that uses bpftrace to monitor and log all executed commands on a system in real time.
Language: Shell - Size: 5.86 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

MegaManSec/LDAP-Monitoring-Watchdog
LDAP Watchdog: A real-time linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, modifications, and deletions for administrators and security researchers.
Language: Python - Size: 2.57 MB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 187 - Forks: 16

noa123262/NSM
NSM (Nix Shell Manager): A powerful and user-friendly command-line tool built in Go that simplifies the management of Nix development environments. NSM streamlines the process of creating, managing, and maintaining Nix shells through an intuitive command interface.
Language: Go - Size: 120 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

BecomingCyber/Day17-Splunk-UniversalForwarder
Configured a Splunk Universal Forwarder on a remote Ubuntu system to forward syslog and authentication logs to a central Splunk indexer. Includes setup steps, search queries, and incident response observations. Part of the 30-Day SOC Challenge.
Size: 106 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

armandoariasinfosec/splunk-brute-force-detection-lab
Detect and alert brute-force RDP attacks using Splunk, Windows logs, and a simulated Kali Linux attacker. Home lab project.
Size: 7.81 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

GrizonRussell/SOC-Security-Log-Analyzer
SOC Security Log Analyzer: AI-powered threat detection for security professionals.
Language: Python - Size: 12.7 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

NVISOsecurity/ee-outliers 📦
Open-source framework to detect outliers in Elasticsearch events
Language: Python - Size: 3.92 MB - Last synced at: 3 months ago - Pushed at: about 2 years ago - Stars: 209 - Forks: 33

iam-niranjan/SOC-Security-Log-Analyzer
SOC Security Log Analyzer: AI-powered threat detection for security professionals.
Language: Python - Size: 12.7 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

StamusNetworks/SELKS
A Suricata based IDS/IPS/NSM distro
Language: Shell - Size: 10.4 MB - Last synced at: 4 months ago - Pushed at: 12 months ago - Stars: 1,520 - Forks: 286

droe/xnumon
monitor macOS for malicious activity
Language: C - Size: 596 KB - Last synced at: 2 months ago - Pushed at: 6 months ago - Stars: 233 - Forks: 30

aymenmarjan/MISP-Wazuh-Integration
A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.
Size: 3.54 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

k8scop/k8s-security-dashboard
A security monitoring solution for Kubernetes
Language: Python - Size: 2.5 MB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 132 - Forks: 24

kc-codes/Next-Generation-SIEM-Stack
🚀 Next Generation SIEM Stack is an advanced Security Information and Event Management (SIEM) solution designed for real-time threat detection, analysis, and automated response. This project integrates Wazuh, Suricata IDS, and VirusTotal API to provide a proactive cybersecurity monitoring framework.
Language: Jupyter Notebook - Size: 729 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

D4-project/sensor-d4-tls-fingerprinting
Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
Language: Go - Size: 110 KB - Last synced at: 3 months ago - Pushed at: over 5 years ago - Stars: 37 - Forks: 4

fabriziofiorucci/NGINX-NIM-Docker
This repository creates a docker image for NGINX Instance Manager to run it on Kubernetes, Openshift and docker-compose. Optional integration with Second Sight.
Language: Shell - Size: 2 MB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 9 - Forks: 2

cookpad/minerva 📦
Serverless Log Search Architecture for Security Monitoring based on Amazon Athena
Language: Go - Size: 465 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 8 - Forks: 0

Karneades/Defensomania
Defensomania is a security monitoring and incident response card game.
Language: Ruby - Size: 81.6 MB - Last synced at: 4 months ago - Pushed at: about 2 years ago - Stars: 62 - Forks: 8

sshreyx1/CyberDitto
[In Progress] CyberDitto creates secure digital twins of your network infrastructure to automate security assessments, compliance checks, and attack simulations, enabling risk-free security testing and automated remediation.
Language: TypeScript - Size: 134 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

alhazred/illumos-fim
IFIM is an illumos fork of the Achiefs File Integrity Monitoring tool that performs file system analysis and file integrity checking on illumos-based distributions.
Language: Rust - Size: 27.3 KB - Last synced at: 4 months ago - Pushed at: about 2 years ago - Stars: 3 - Forks: 0

hardenedlinux/debian-nix-manager 📦
Using nix(DevOps) to deploy Network Security Monitoring System on Debian
Language: Nix - Size: 82.3 MB - Last synced at: 3 days ago - Pushed at: over 4 years ago - Stars: 7 - Forks: 5

cdpxe/OpenBSDhacks
Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).
Language: HTML - Size: 57.6 KB - Last synced at: 4 months ago - Pushed at: 11 months ago - Stars: 5 - Forks: 1

MuhamadAjiW/NetManager-Wazuh
Extension of NetManager script to automate Wazuh integration and management
Language: Shell - Size: 73.2 KB - Last synced at: 4 months ago - Pushed at: 11 months ago - Stars: 0 - Forks: 0

kookmin-sw/capstone-2021-18
O24Sec (Object-Oriented Clustering for Security Monitoring)
Language: Python - Size: 12 MB - Last synced at: 3 months ago - Pushed at: about 3 years ago - Stars: 10 - Forks: 2

jonrau1/ElectricEye
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring, supporting hundreds of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best-practice controls frameworks.
Language: Python - Size: 93.7 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 864 - Forks: 117

MaheshShukla1/Python-SOC-Security-notes
PythonSOCModules: Elevate your Security Operations Center (SOC) with Python's Paramiko, Requests, PyShark, Scapy, Matplotlib, and Seaborn modules. Strengthen security monitoring, incident detection, and response.
Size: 26.4 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

ccdcoe/CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
Language: Jupyter Notebook - Size: 55.8 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 97 - Forks: 30

vxcontrol/vxagent 📦
VXMonitor agent
Language: Go - Size: 29.3 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0

psjs12/Security-Advisories-Recopilation
Security Advisories Repository
Size: 6.84 KB - Last synced at: 8 months ago - Pushed at: almost 2 years ago - Stars: 1 - Forks: 0

srozb/certstream
Unofficial certstream library written in Nim.
Language: Nim - Size: 10.7 KB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

iosifache/wazuh-manager-filebeat 📦
Docker image and Helm chart for Wazuh Manager and Filebeat, configurable for sending alerts to a specific OpenSearch instance 🐺
Language: Dockerfile - Size: 13.7 KB - Last synced at: 4 days ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

0daysimpson/Get-SysmonLogs
A PowerShell client for retrieving and searching Sysmon logs
Language: PowerShell - Size: 9.77 KB - Last synced at: 5 days ago - Pushed at: about 6 years ago - Stars: 6 - Forks: 2

D4-project/analyzer-d4-passivedns
A Passive DNS backend and collector
Language: Python - Size: 108 KB - Last synced at: over 2 years ago - Pushed at: about 3 years ago - Stars: 26 - Forks: 2

m-mizutani/practical-security-monitoring
Introduction to Security Monitoring
Size: 19.5 KB - Last synced at: 3 days ago - Pushed at: about 6 years ago - Stars: 8 - Forks: 0

Truvis/Splunk_TA_Truvis_Suricata5
This TA takes Suricata5 data from your port-mirrored Suricata server and makes it readable within Splunk. See Cheatsheets for how to set up a Suricata port-mirrored server.
Size: 3.91 KB - Last synced at: about 2 years ago - Pushed at: almost 5 years ago - Stars: 11 - Forks: 1

louisbarrett/Eager-Locomotive
Firehose ElasticSearch Kibana Stack for Security Monitoring
Language: HCL - Size: 12 MB - Last synced at: over 2 years ago - Pushed at: about 5 years ago - Stars: 3 - Forks: 1
