{"id":225,"date":"2023-03-12T10:53:33","date_gmt":"2023-03-12T14:53:33","guid":{"rendered":"https:\/\/drkeithjones.com\/?page_id=225"},"modified":"2025-03-11T21:09:58","modified_gmt":"2025-03-12T01:09:58","slug":"my-tools","status":"publish","type":"page","link":"https:\/\/drkeithjones.com\/index.php\/my-tools\/","title":{"rendered":"My Tools"},"content":{"rendered":"\n<p>This page contains the tools I have written or that I have had a significant hand in writing. Visit <a href=\"https:\/\/github.com\/keithjjones\" target=\"_blank\" rel=\"noopener\" title=\"\">my GitHub link<\/a> in the social media menu for more tools!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">LLM Tools<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><span style=\"text-decoration: underline;\">LLM-Ninja<\/span><\/strong> &#8211; Scripts to help you use an LLM AI model like a ninja.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/LLM-Ninja\">https:\/\/github.com\/corelight\/LLM-Ninja<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Zeek Related Tools<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><span style=\"text-decoration: underline;\">zeek2es<\/span><\/strong> &#8211; A Python application to filter and transfer Zeek logs to Elastic\/OpenSearch+Humio. 
This app can also output pure JSON logs to stdout for further processing!\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek2es\" title=\"\">https:\/\/github.com\/corelight\/zeek2es<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-agenttesla-detector<\/span><\/strong> &#8211; A Zeek based Agent Tesla malware C2 detector.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-agenttesla-detector\">https:\/\/github.com\/corelight\/zeek-agenttesla-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-amadey-detector<\/span><\/strong> &#8211; A Zeek based Amadey malware detector.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/zeek-amadey-detector\" title=\"\">https:\/\/github.com\/keithjjones\/zeek-amadey-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-asyncrat-detector<\/span><\/strong> &#8211; A Zeek based AsyncRAT malware detector.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-asyncrat-detector\">https:\/\/github.com\/corelight\/zeek-asyncrat-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-gozi-detector<\/span><\/strong> &#8211; A Zeek based Gozi malware detector.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-gozi-detector\">https:\/\/github.com\/corelight\/zeek-gozi-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-netsupport-detector<\/span><\/strong> &#8211; A Zeek based NetSupport detector.  
NetSupport is often abused by attackers in malware.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-netsupport-detector\">https:\/\/github.com\/corelight\/zeek-netsupport-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-njrat-detector<\/span><\/strong> &#8211; A Zeek based njRAT malware detector.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/zeek-njrat-detector\">https:\/\/github.com\/keithjjones\/zeek-njrat-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-spicy-facefish<\/span><\/strong> &#8211; A Zeek protocol analyzer for the Facefish rootkit, based on Spicy.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-spicy-facefish\" title=\"\">https:\/\/github.com\/corelight\/zeek-spicy-facefish<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-spicy-ipsec<\/span><\/strong> &#8211; A Zeek IPSec protocol analyzer based on Spicy.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-spicy-ipsec\" title=\"\">https:\/\/github.com\/corelight\/zeek-spicy-ipsec<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-spicy-openvpn<\/span><\/strong> &#8211; A Zeek OpenVPN protocol analyzer, based on Spicy.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-spicy-openvpn\" title=\"\">https:\/\/github.com\/corelight\/zeek-spicy-openvpn<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-spicy-ospf<\/span><\/strong> &#8211; A Zeek OSPF packet analyzer based on Spicy.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-spicy-ospf\" 
title=\"\">https:\/\/github.com\/corelight\/zeek-spicy-ospf<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-spicy-stun<\/span><\/strong> &#8211; A Zeek STUN protocol analyzer based on Spicy.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-spicy-stun\" title=\"\">https:\/\/github.com\/corelight\/zeek-spicy-stun<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-spicy-wireguard<\/span><\/strong> &#8211; A Zeek WireGuard protocol analyzer based on Spicy.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-spicy-wireguard\" title=\"\">https:\/\/github.com\/corelight\/zeek-spicy-wireguard<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-strrat-detector<\/span><\/strong> &#8211; A Zeek based STRRAT malware detector.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/corelight\/zeek-strrat-detector\">https:\/\/github.com\/corelight\/zeek-strrat-detector<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">zeek-sanitize<\/span><\/strong> &#8211; A Python script to sanitize Zeek logs.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/zeek-sanitize\" title=\"\">https:\/\/github.com\/keithjjones\/zeek-sanitize<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Other Various Security Tools<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><span style=\"text-decoration: underline;\">hostintel<\/span><\/strong> &#8211; A modular Python application to collect intelligence for malicious hosts.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/hostintel\" title=\"\">https:\/\/github.com\/keithjjones\/hostintel<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">fileintel<\/span><\/strong> &#8211; A modular 
Python application to pull intelligence about malicious files.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/fileintel\" title=\"\">https:\/\/github.com\/keithjjones\/fileintel<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">malgazer<\/span><\/strong> &#8211; A Python malware analysis library.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/malgazer\" title=\"\">https:\/\/github.com\/keithjjones\/malgazer<\/a><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong><span style=\"text-decoration: underline;\">visualize_logs<\/span><\/strong> &#8211; A Python library and command line tools to provide interactive log visualization.\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/keithjjones\/visualize_logs\" title=\"\">https:\/\/github.com\/keithjjones\/visualize_logs<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This page contains the tools I have written or that I have had a significant hand in writing. Visit my GitHub link in the social media menu for more tools! 
LLM Tools Zeek Related Tools Other Various Security Tools<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-225","page","type-page","status-publish","hentry"],"aioseo_notices":[],"jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/pages\/225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/comments?post=225"}],"version-history":[{"count":0,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/pages\/225\/revisions"}],"wp:attachment":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/media?parent=225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}