Zeek Analysis Tools (ZAT)
The ZAT Python package supports the processing and analysis of Zeek data with Pandas, scikit-learn, Kafka, and Spark. Install: - pip install zat - pip install zat[pyspark] (includes pyspark library) - pip install zat[all] (include pyarrow, yara-python, and tldextract). Examples of Using ZAT: AWS Data Processing and ML Modeling, SageWorks, Installing on Raspberry Pi. Recent Improvements: Faster/Smaller Pandas Dataframes for large log files, Better Panda Dataframe to Matrix (ndarray) support, Scalable conversion from Zeek logs to Parquet, Vastly improved Spark Dataframe Class, Updated/improved Notebooks, Zeek JSON to DataFrame class. Video Presentation: Data Analysis and Machine Learning with Zeek. Why ZAT? Offloading complex tasks from Zeek for efficient processing of high volume network traffic and enhanced data analysis capabilities.
FEATURES
ALTERNATIVES
Scans SPF and DMARC records for issues that could allow email spoofing.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
An Outlook add-in for reporting suspicious emails to security teams and tracking user behavior during awareness campaigns.
Machine learning project for intuitive threat analysis with a web interface.
StegSolve is a steganography analysis tool with image analysis features.
A platform for creating and managing fake phishing campaigns to raise awareness and train users to identify suspicious emails.
CHIPSEC is a framework for analyzing the security of PC platforms and components, with tools for low-level interfaces and forensic capabilities.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.