0xxon / zeek-tls-log-alternative
Zeek scripts that provide an alternative log file logging TLS/SSL traffic
☆10Updated 3 years ago
Alternatives and similar repositories for zeek-tls-log-alternative:
Users that are interested in zeek-tls-log-alternative are comparing it to the libraries listed below
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆41Updated 8 months ago
- pyJARM is a library for doing JARM fingerprinting using python☆49Updated last month
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Updated 2 years ago
- Dataset used in WAF-A-MoLE paper☆8Updated 4 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- a database that collects data related to APTs from existing public sources through a semi automatic methodology and produces an exhaustiv…☆15Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- This module detects HTTP requests that are non RFC compliant and used for smuggling☆12Updated 2 years ago
- Suricata rule and intel index☆30Updated last month
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 7 months ago
- Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively☆22Updated this week
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Updated last year
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"☆17Updated 2 months ago
- 威胁检测规则集☆15Updated 5 years ago
- High fidelity JA3 & JA3S combinations for known botnets and alike☆11Updated 6 years ago
- This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.☆41Updated 9 months ago
- ☆43Updated 2 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- A dsniff project using bro☆10Updated 9 years ago
- This is a malware analysis project which expecte to generate snort rule via malicious network traffic☆28Updated 2 years ago
- Go implementation of the Community ID flow hashing standard☆20Updated last week
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆101Updated 3 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆43Updated 7 years ago
- ssdeep cluster analysis for malware files☆30Updated 4 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 8 years ago
- This is an open source Snort rules repository☆30Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- ☆25Updated last year
- Links to malware-related YARA rules☆15Updated 2 years ago
- A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.☆16Updated 8 years ago