Cyber Resources - sofwerx/mad-jack GitHub Wiki
Resources
Elasticsearch/Kibana:
Install instructions: https://www.elastic.co/guide/en/elasticsearch/reference/current/deb.html
https://www.elastic.co/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana
https://github.com/sofwerx/swx-devops/blob/master/local/swx-bluerange0/swx-bluerange0.yml#L625-L658
https://github.com/sofwerx/swx-devops/blob/master/local/swx-bluerange0/swx-bluerange0.yml#L652
Wireshark:
Install: https://www.linuxtechi.com/install-use-wireshark-debian-9-ubuntu/
Implement privilege separation: https://jlospinoso.github.io/software/wireshark/networks/ubuntu/2015/02/11/configuring-wireshark-on-ubuntu-14.html
https://github.com/sofwerx/es-tshark/
Sentinl:
https://github.com/sirensolutions/sentinl
http://sentinl.readthedocs.io/en/latest/
Network Tap (USR4503):
Information: https://multi-link.net/products/network-taps/usr4503-101001000-copper-aggregation-tap/
Manual: http://support.usr.com/support/4503/4503-files/4503-ig.pdf
Datasheet: https://multi-link.net/wp-content/uploads/ML-USR4503-Network-Tap-Data-Sheet.pdf
Network Tap Resource: https://en.wikipedia.org/wiki/Network_tap
PhantomJS:
Install instructions: https://www.vultr.com/docs/how-to-install-phantomjs-on-ubuntu-16-04