NEWS UPDATE! Next Visual Analytics Workshop to be held at BlackHat US in August. Join!
The first module of the Visual Analytics Workshop is about Data Sources.
As a foundation for later visualizations, we first need to understand what the data means. The following are links to the tools and additional material we go through. (Note that the links might not cover all of the tools in this module; they are simply all the links that show up on the slides.)
- Source Destination Confusion
- Packet Sniffing Cheat Sheet
- PCAPNG
- Wireshark
- Network Miner
- Scapy
- Scapy Tutorial
- CloudShark
Traffic Flows
- Argus
- Argus cool stuff
- NFDump
- NFSen
- Nfsight
- SiLK
- Rayon
- Rayon Presentation
- FlowViewer
Firewalls
- Cisco ASA configuration for NAT logging
- Conntrack for Linux
Threat Intelligence
- STIX
- TAXII
- CybOX
- OpenIOC
- Emerging Threats
- ENISA Report on Threat Intelligence
- Collective Intelligence Framework (CIF)
- ThreatIntelligence
- Fragroute
- Snort tips
- More Snort tips
- Snorby
- Packet PIG
- Suricata
- Bro
- Bro intro presentation
- Bro intro video
- Bro APT1
Passive Detection
- P0f
- P0f 3
- Passive DNS
- PRADS
- prads2snort
Host Data
- CollectD
- HekaD
- OSSEC
- Graphite
- StatsD
- Munin
- Ganglia
- RRD
- Logster
Find the previous list of links at the first link collection post.
Wanna know more about the visualization workshop? Email me or visit http://pixlcloud.com/training