Threat Hunting

BeaKer – BeaKer visualizes Microsoft Sysmon network data to help threat hunters track down the source of suspicious network connections. The custom dashboard presents which users and executables created connections between two given IPs, how many times they’ve connected, the protocols and ports used, and much more.

[…].com/jpr5/ngrep

Snort – Snort is a free and open […]

Monitoring / Logging

What2Log – Logging is essential in computer security. Computer logs can tell someone everything they need to know about what happened on a particular machine at a particular time. Events can be strung together to create a timeline of several events that happened during a time period.

justniffer – Justniffer is a network protocol analyzer […]