Alternatives and similar repositories for zeek-tls-log-alternative:

Users that are interested in zeek-tls-log-alternative are comparing it to the libraries listed below

• COSSAS / dgad
  DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
  ☆41Updated 8 months ago
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆49Updated last month
• corelight / ripple20
  A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
  ☆33Updated 2 years ago
• zangobot / wafamole_dataset
  Dataset used in WAF-A-MoLE paper
  ☆8Updated 4 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• GiuseppeLaurenza / dAPTaset
  a database that collects data related to APTs from existing public sources through a semi automatic methodology and produces an exhaustiv…
  ☆15Updated 2 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• precurse / zeek-httpattacks
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Updated 2 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆30Updated last month
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 7 months ago
• osV22 / ATTACK-Force-Graph
  Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively
  ☆22Updated this week
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated last year
• elastic / siglearn
  Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
  ☆17Updated 2 months ago
• tianyulab / ThreatDetectionRules
  威胁检测规则集
  ☆15Updated 5 years ago
• ByteSecLabs / ja3-ja3s-combo
  High fidelity JA3 & JA3S combinations for known botnets and alike
  ☆11Updated 6 years ago
• adava / CnCHunter
  This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.
  ☆41Updated 9 months ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• rsabir / bro-dsniff
  A dsniff project using bro
  ☆10Updated 9 years ago
• John-Lin / malware
  This is a malware analysis project which expecte to generate snort rule via malicious network traffic
  ☆28Updated 2 years ago
• satta / gommunityid
  Go implementation of the Community ID flow hashing standard
  ☆20Updated last week
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆101Updated 3 years ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆43Updated 7 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆30Updated 4 years ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 8 years ago
• bhdresh / SnortRules
  This is an open source Snort rules repository
  ☆30Updated 2 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• aiforsec22 / IEEEEuroSP23
  ☆25Updated last year
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• CrySyS / bro-step7-plugin
  A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.
  ☆16Updated 8 years ago