1computerguy / tls-mal-detect
Using machine learning to detect malware in encrypted TLS traffic metadata
☆17Updated 3 years ago
Alternatives and similar repositories for tls-mal-detect:
Users that are interested in tls-mal-detect are comparing it to the libraries listed below
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆54Updated 4 years ago
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number …☆65Updated 5 years ago
- ☆45Updated 6 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆75Updated 5 months ago
- nPrint provides a generalizable data representation for network packets that works directly with machine learning techniques☆103Updated 2 years ago
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user defined synthetic attacks.☆60Updated last year
- ICS Cybersecurity PCAP respository☆51Updated 5 years ago
- Download pcap files from http://www.malware-traffic-analysis.net/☆73Updated 7 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Suricata Verification Tests - Testing Suricata Output☆104Updated this week
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆147Updated 10 months ago
- ☆97Updated 4 years ago
- A collection of resources for security data☆40Updated 7 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆133Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆66Updated this week
- Suricata rules for network anomaly detection☆154Updated last month
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆39Updated 5 months ago
- Mapping NSM rules to MITRE ATT&CK☆68Updated 4 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆99Updated 3 years ago
- The Security Analyst’s Guide to Suricata☆53Updated 7 months ago
- Snorpy is a python script the gives a Gui interface to help those new to snort create rules.☆60Updated 5 months ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆61Updated 2 years ago
- ☆62Updated 6 years ago
- Zeek Training Materials/Products☆37Updated 3 months ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆118Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- ☆49Updated this week
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆167Updated last year
- Awesome Cyber-Security Data-sets Collection☆19Updated 6 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago