Alternatives and similar repositories for zeek-tls-log-alternative

Users that are interested in zeek-tls-log-alternative are comparing it to the libraries listed below

• satta / gommunityid
  Go implementation of the Community ID flow hashing standard
  ☆20Updated 3 months ago
• COSSAS / dgad
  DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
  ☆42Updated 11 months ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆31Updated last week
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• fatemabw / kyd
  DHCP Fingerprinting
  ☆28Updated 4 years ago
• 0x4D31 / Presentations
  Some of the presentations given by me
  ☆18Updated 8 months ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 9 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• corelight / ripple20
  A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
  ☆33Updated 3 years ago
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• 0xrawsec / gene-rules
  ☆41Updated 2 years ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆43Updated 8 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• threatrack / cti_report_collection
  Repository collecting and automagically processing public threat intelligence reports.
  ☆18Updated 5 years ago
• stratosphereips / yara-rules
  Repository of Yara rules created by the Stratosphere team
  ☆26Updated 4 years ago
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆50Updated 3 months ago
• precurse / zeek-httpattacks
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Updated 2 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• CrySyS / bro-step7-plugin
  A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.
  ☆16Updated 8 years ago
• ByteSecLabs / ja3-ja3s-combo
  High fidelity JA3 & JA3S combinations for known botnets and alike
  ☆11Updated 6 years ago
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated last year
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆27Updated 5 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• karttoon / iocs
  IoC's, PCRE's, YARA's etc
  ☆24Updated 3 months ago
• c2defense / network-device-logs
  Analytics for Accounting logs from Network devices
  ☆17Updated 4 years ago
• Kirtar22 / ATTACK-Threat_Intel
  Graph Representation of MITRE ATT&CK's CTI data
  ☆48Updated 5 years ago
• ABSllk / CVE_Montior_with_LLM
  Automatically collects the known CVE and its corresponding Poc, and sends it to the LLM for analysis, disassembles the attack steps, gene…
  ☆18Updated 11 months ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated 2 years ago