Cowralyze Logo

Cowralyze

0
Free
Updated 11 March 2025
Visit Website

This project is about a Command Line Map-Reduce tool to analyze cowrie log files on remote servers / local folders over time and create a visualization and statistics of the data. The tool uses multiple log files <cowrie.json.YYYY-MM-DD> to create a cummulated information file and visualization from local or remote folder path, finally creating statistics about all the event changes over time. python3 cowralyze.py --help # shows available commands and a description for each command Furthermore there's the possibility to trace commands by session id or ip, as well as creating Sankey Command Chain Plots for specific log files. Motivation: This project was created in course of my Bachelor's Thesis: Longitudinal Analysis of SSH Honeypots. While a large number of honeypot related tools exist, they generally focus on high-level aggregated statistics and not about individual log anomalies. The aim of this project is to provide a tool to get a quick overview of the changes over time of possibly hundred's of cowrie honeypots. The stats.html provides the accumulated percentual changes over time, result.html provides the visualization across the no

FEATURES

SIMILAR TOOLS

A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.

Free

RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.

Free

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

Free

Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.

Free

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

Free

Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.

Commercial

Tool for deleting logs on Linux/Windows servers.

Free

A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.

Free

SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.

Free

PINNED

Proton Pass Logo

Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.

Data Protection
NordVPN Logo

NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.

Network Security
Mandos Logo

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved