Alternatives and similar repositories for zeek-tls-log-alternative

Users that are interested in zeek-tls-log-alternative are comparing it to the libraries listed below

• COSSAS / dgad
  DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
  ☆42Updated 10 months ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 9 months ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated last year
• adava / CnCHunter
  This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.
  ☆42Updated 11 months ago
• satta / gommunityid
  Go implementation of the Community ID flow hashing standard
  ☆20Updated 2 months ago
• precurse / zeek-httpattacks
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• threatrack / cti_report_collection
  Repository collecting and automagically processing public threat intelligence reports.
  ☆18Updated 5 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆31Updated 3 months ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆50Updated 3 months ago
• bhdresh / SnortRules
  This is an open source Snort rules repository
  ☆30Updated 3 years ago
• corelight / ripple20
  A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
  ☆33Updated 2 years ago
• Hullgj / report-parser
  Cuckoo Sandbox report parser into ransomware classifier
  ☆11Updated 6 years ago
• elastic / siglearn
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Updated 4 months ago
• Manticore-Platform / public-threats
  Manticore's Public Threats Repository
  ☆10Updated 4 years ago
• CrySyS / bro-step7-plugin
  A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.
  ☆16Updated 8 years ago
• cyber-research / APTAttribution
  Code for Benchmarking two ML Approaches performing Authorship Attribution
  ☆37Updated 3 years ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆27Updated 5 years ago
• johnbergbom / PeddleCheap
  Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.
  ☆15Updated 7 years ago
• zeek-flowmeter / zeek-flowmeter
  A Zeek script to generate features based on timing, volume and metadata for traffic classification.
  ☆56Updated 4 years ago
• 0xrawsec / gene-rules
  ☆41Updated 2 years ago
• aiforsec22 / IEEEEuroSP23
  ☆25Updated last year
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated 2 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• corelight / zerologon
  Zeek package to detect Zerologon
  ☆11Updated 3 years ago