LORG is a tool for advanced HTTPD logfile security analysis and forensics. It applies state-of-the-art signature-based, statistical, and machine learning techniques to detect attacks against web applications within HTTP traffic logs. It groups detected incidents into sessions, classifies them as 'hand-crafted' or automated, performs geotargeting and DNSBL lookups, and quantifies attacks based on anomalies in HTTP responses.
SIMILAR TOOLS
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.