Skip to content

@mmguero-dev mmguero-dev

Change the repository type filter

All

    Repositories list

    50 repositories

    • Malcolm

      Public
      Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
      securitypcapcybersecuritysuricatainfosecnetwork-securityzeekopensearchnetwork-traffic-analysisnetworksecurity
      Python
      Other
      3311100Updated Nov 14, 2024Nov 14, 2024

    • icsnpp-opcua-binary

      Public
      Zeek OPCUA Binary Parser - CISA ICSNPP
      JavaScript
      BSD 3-Clause "New" or "Revised" License
      11000Updated Nov 13, 2024Nov 13, 2024

    • misc-debug

      Public
      miscellaneous stuff for debugging and collaboration
      Python
      MIT License
      0000Updated Nov 8, 2024Nov 8, 2024

    • Malcolm-Test

      Public
      Python
      Other
      2000Updated Nov 5, 2024Nov 5, 2024

    • arkime

      Public
      Moloch is an open source, large scale, full packet capturing, indexing, and database system.
      JavaScript
      Apache License 2.0
      1k000Updated Nov 5, 2024Nov 5, 2024

    • virter

      Public
      Virter is a command line tool for simple creation and cloning of virtual machines based on libvirt
      Go
      Apache License 2.0
      12000Updated Oct 30, 2024Oct 30, 2024

    • packages

      Public
      The default package source of the Zeek Package Manager
      111000Updated Oct 29, 2024Oct 29, 2024

    • icsnpp-enip

      Public
      Zeek Ethernet/IP and CIP Parser - CISA ICSNPP
      Zeek
      BSD 3-Clause "New" or "Revised" License
      10000Updated Oct 23, 2024Oct 23, 2024

    • Malcolm-PCAP

      Public
      A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
      pcappcap-filespcaps
      Python
      33200Updated Oct 21, 2024Oct 21, 2024

    • icsnpp-hart-ip

      Public
      Zeek HART-IP Parser - CISA ICSNPP
      Zeek
      Other
      3000Updated Oct 17, 2024Oct 17, 2024

    • icsnpp-profinet-io-cm

      Public
      Zeek Profinet I/O Context Manager Parser - CISA ICSNPP
      Zeek
      BSD 3-Clause "New" or "Revised" License
      3000Updated Oct 17, 2024Oct 17, 2024

    • icsnpp-synchrophasor

      Public
      Zeek parser for Synchrophasor Data Transfer for Power Systems (C37.118)
      Zeek
      BSD 3-Clause "New" or "Revised" License
      6000Updated Oct 17, 2024Oct 17, 2024

    • Malcolm-Helm

      Public
      Smarty
      4000Updated Oct 14, 2024Oct 14, 2024

    • icsnpp-genisys

      Public
      Industrial Control Systems Network Protocol Parsers (ICSNPP) - Genisys over TCP/IP
      Python
      BSD 3-Clause "New" or "Revised" License
      8000Updated Oct 14, 2024Oct 14, 2024

    • osd_transform_vis

      Public
      OpenSearch-Dashboards plugin to create custom visualisations
      TypeScript
      Apache License 2.0
      5000Updated Oct 8, 2024Oct 8, 2024

    • icsnpp-ge-srtp

      Public
      Zeek GE SRTP Parser - CISA ICSNPP
      Zeek
      BSD 3-Clause "New" or "Revised" License
      2000Updated Oct 3, 2024Oct 3, 2024

    • netbox-initializers

      Public
      Plugin to load predefined data into Netbox
      Python
      Apache License 2.0
      13000Updated Sep 30, 2024Sep 30, 2024

    • bento

      Public
      Packer templates for building minimal Vagrant baseboxes for multiple platforms
      HCL
      Apache License 2.0
      1.1k000Updated Sep 30, 2024Sep 30, 2024

    • icsnpp-ethercat

      Public
      Zeek Ethercat Parser - CISA ICSNPP
      C++
      BSD 3-Clause "New" or "Revised" License
      8000Updated Sep 16, 2024Sep 16, 2024

    • zeek-iec104

      Public
      A Zeek Parser for the IEC 104 protcol built using Spicy.
      Zeek
      Other
      5000Updated Sep 11, 2024Sep 11, 2024

    • ACID

      Public
      Zeek
      Apache License 2.0
      2000Updated Aug 17, 2024Aug 17, 2024

    • bzar

      Public
      A set of Zeek scripts to detect ATT&CK techniques.
      Zeek
      BSD 3-Clause "New" or "Revised" License
      75000Updated Aug 13, 2024Aug 13, 2024

    • zeek-spicy-ospf

      Public
      A Zeek OSPF packet analyzer based on Spicy.
      Zeek
      BSD 3-Clause "New" or "Revised" License
      2000Updated Aug 6, 2024Aug 6, 2024

    • icsnpp-s7comm

      Public
      Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPP
      JavaScript
      BSD 3-Clause "New" or "Revised" License
      11000Updated Jul 18, 2024Jul 18, 2024

    • icsnpp-modbus

      Public
      Zeek Modbus Extension Scripts - CISA ICSNPP
      Zeek
      BSD 3-Clause "New" or "Revised" License
      8000Updated Jul 18, 2024Jul 18, 2024

    • icsnpp-dnp3

      Public
      Zeek DNP3 Extension Scripts - CISA ICSNPP
      Zeek
      BSD 3-Clause "New" or "Revised" License
      7000Updated Jul 18, 2024Jul 18, 2024

    • icsnpp-bsap

      Public
      Zeek BSAP Parser - CISA ICSNPP
      JavaScript
      BSD 3-Clause "New" or "Revised" License
      8000Updated Jul 18, 2024Jul 18, 2024

    • icsnpp-bacnet

      Public
      Zeek BACnet Parser - CISA ICSNPP
      JavaScript
      BSD 3-Clause "New" or "Revised" License
      11000Updated Jul 18, 2024Jul 18, 2024

    • mandiant-ti-client

      Public
      Python
      Apache License 2.0
      5000Updated Jul 6, 2024Jul 6, 2024

    • lru_reredux

      Public
      An efficient optionally thread safe LRU Cache
      Ruby
      MIT License
      20000Updated Jun 12, 2024Jun 12, 2024