A Suricata based IDS/IPS/NSM distro
Updated Aug 12, 2024 - Shell
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Threat-hunting tool for Linux
monitor macOS for malicious activity
Open-source framework to detect outliers in Elasticsearch events
LDAP Watchdog: A real-time linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, modifications, and deletions for administrators and security researchers.
A security monitoring solution for Kubernetes
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
Defensomania is a security monitoring and incident response card game.
Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
A Passive DNS backend and collector
This TA takes Suricata5 data from your port-mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to set up a Suricata port-mirrored server.
O24Sec (Object-Oriented Clustering for Security Monitoring)
This repository creates a docker image for NGINX Instance Manager to run it on Kubernetes, Openshift and docker-compose. Optional integration with Second Sight.
Serverless Log Search Architecture for Security Monitoring based on Amazon Athena
Using nix(DevOps) to deploy Network Security Monitoring System on Debian
A PowerShell client for retrieving and searching Sysmon logs
Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).
Firehose ElasticSearch Kibana Stack for Security Monitoring