{"payload":{"pageCount":5,"repositories":[{"type":"Public","name":"Chronicle","owner":"corelight","isFork":false,"description":"Chronicle parser for CORELIGHT and related information.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":1,"issueCount":0,"starsCount":3,"forksCount":4,"license":null,"participation":[0,0,3,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-20T12:17:04.821Z"}},{"type":"Public","name":"terraform-aws-enrichment","owner":"corelight","isFork":false,"description":"Terraform for Corelight's AWS Cloud Enrichment.","allTopics":["aws","cloud","enrichment","terraform","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,2,0,2,1,3,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-17T18:50:07.976Z"}},{"type":"Public","name":"cve-2022-26809","owner":"corelight","isFork":false,"description":"Detects attempts and successful exploitation of CVE-2022-26809","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":31,"forksCount":15,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-16T15:44:34.639Z"}},{"type":"Public","name":"zeek-netsupport-detector","owner":"corelight","isFork":false,"description":"A Zeek base NetSupport detector. NetSupport is often abused by attackers in malware.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T16:09:44.850Z"}},{"type":"Public","name":"block-corelight-chronicle","owner":"corelight","isFork":false,"description":"Looker Dashboards for Chronicle","allTopics":[],"primaryLanguage":{"name":"LookML","color":"#652B81"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":4,"license":"MIT License","participation":[3,0,0,1,0,4,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,1,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T13:35:01.156Z"}},{"type":"Public","name":"terraform-gcp-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's GCP Cloud Sensor Deployment.","allTopics":["cloud","terraform","sensor","gcp","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-05T13:13:36.266Z"}},{"type":"Public","name":"terraform-aws-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's AWS Cloud Sensor Deployment.","allTopics":["aws","cloud","terraform","sensor","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-05T13:13:29.085Z"}},{"type":"Public","name":"terraform-azure-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's Azure Cloud Sensor Deployment.","allTopics":["cloud","azure","terraform","sensor","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-05T13:13:24.270Z"}},{"type":"Public","name":"terraform-config-sensor","owner":"corelight","isFork":false,"description":"Terraform for Corelight's Sensor Configuration.","allTopics":["cloud","terraform","sensor","configuration","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-04T14:46:50.805Z"}},{"type":"Public","name":"CVE-2020-16898","owner":"corelight","isFork":false,"description":"A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability)","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":0,"starsCount":8,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-03T18:23:10.719Z"}},{"type":"Public","name":"CVE-2021-1675","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":0,"starsCount":8,"forksCount":4,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-03T18:23:07.978Z"}},{"type":"Public","name":"ecs-templates","owner":"corelight","isFork":false,"description":"Corelight or Zeek Elastic Common Schema Templates","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":2,"starsCount":7,"forksCount":4,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T22:33:25.396Z"}},{"type":"Public","name":"ecs-logstash-mappings","owner":"corelight","isFork":false,"description":"Mapping Corelight or Zeek data to Elastic Common Schema logs","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":1,"starsCount":11,"forksCount":4,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T22:32:50.943Z"}},{"type":"Public","name":"ecs-mapping","owner":"corelight","isFork":false,"description":"Mapping Corelight or Zeek data to Elastic Common Schema fields","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":1,"starsCount":33,"forksCount":14,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-26T22:31:27.675Z"}},{"type":"Public","name":"terraform-azure-enrichment","owner":"corelight","isFork":false,"description":"Terraform for Corelight's Azure Cloud Enrichment.","allTopics":["cloud","enrichment","azure","terraform","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-23T19:47:50.497Z"}},{"type":"Public","name":"Zeek-CVE-Enrichment","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":1,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-23T17:35:08.071Z"}},{"type":"Public","name":"packet_replay","owner":"corelight","isFork":false,"description":"Send pcaps via GENEVE or VXLAN tunnels","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-22T16:21:40.059Z"}},{"type":"Public","name":"zeek-spicy-ipsec","owner":"corelight","isFork":false,"description":"A Zeek IPSec protocol analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":5,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-22T15:32:59.842Z"}},{"type":"Public","name":"suricata_exporter","owner":"corelight","isFork":false,"description":"A Prometheus Exporter for Suricata","allTopics":["prometheus","prometheus-exporter","suricata"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":2,"starsCount":15,"forksCount":11,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-21T09:22:41.766Z"}},{"type":"Public","name":"terraform-gcp-enrichment","owner":"corelight","isFork":false,"description":"Terraform for Corelight's GCP Cloud Enrichment.","allTopics":["cloud","enrichment","terraform","gcp","zeek"],"primaryLanguage":{"name":"HCL","color":"#844FBA"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-07T23:03:06.830Z"}},{"type":"Public","name":"zeek-spicy-ospf","owner":"corelight","isFork":false,"description":"A Zeek OSPF packet analyzer based on Spicy.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":7,"forksCount":2,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-06T16:18:29.444Z"}},{"type":"Public","name":"ExtendIntel","owner":"corelight","isFork":false,"description":"This package extends the Intel package to log more fields","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":0,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-30T13:35:37.107Z"}},{"type":"Public","name":"Zeek-Endpoint-Enrichment","owner":"corelight","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":1,"forksCount":1,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-24T17:08:52.119Z"}},{"type":"Public","name":"go-zeek-broker-ws","owner":"corelight","isFork":false,"description":"A Go library for using zeek broker's websocket API","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":2,"starsCount":1,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-01T23:51:21.717Z"}},{"type":"Public","name":"zeek-agenttesla-detector","owner":"corelight","isFork":false,"description":"A Zeek based Agent Tesla malware C2 detector.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-26T16:38:46.561Z"}},{"type":"Public","name":"Elasticsearch_rules","owner":"corelight","isFork":false,"description":"Elastic version of SOC prime watcher rules","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":27,"forksCount":4,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-18T15:52:44.456Z"}},{"type":"Public","name":"json-tcp-lb","owner":"corelight","isFork":false,"description":"line based tcp load balancing proxy.","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":1,"starsCount":13,"forksCount":3,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-18T15:51:39.485Z"}},{"type":"Public","name":"corelight-cloud","owner":"corelight","isFork":false,"description":"IaC used to deploy Corelight Sensors into various Cloud Providers.","allTopics":["aws","cloud","azure","terraform","templates","gcp","iac"],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":0,"forksCount":0,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-04T20:18:35.660Z"}},{"type":"Public","name":"log-add-http-post-bodies","owner":"corelight","isFork":false,"description":"Add POST body excerpt to Bro's HTTP log","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":14,"forksCount":10,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-15T17:44:29.474Z"}},{"type":"Public","name":"hassh","owner":"corelight","isFork":false,"description":"Fingerprint SSH clients and servers.","allTopics":[],"primaryLanguage":{"name":"Zeek","color":"#ccc"},"pullRequestCount":0,"issueCount":0,"starsCount":4,"forksCount":0,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-09T06:39:48.905Z"}}],"repositoryCount":140,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"corelight repositories"}