CESNET / Nemea
System for network traffic analysis and anomaly detection.
☆90Updated 5 months ago
Alternatives and similar repositories for Nemea:
Users that are interested in Nemea are comparing it to the libraries listed below
- Passive Real-time Asset Detection System☆234Updated 9 months ago
- a network packet capture compiler☆198Updated 2 years ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Suricata Extreme Performance Tuning guide☆206Updated 7 years ago
- ☆24Updated 7 years ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆281Updated last year
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- calculate flow information from PCAP and extract tcp streams☆69Updated 8 months ago
- Evading Snort Intrusion Detection System.☆77Updated 3 years ago
- Network traffic classification library that requires minimal application payload☆212Updated 7 months ago
- A fast parser for DNS pcap data.☆70Updated 8 years ago
- Web service for scanning pcaps with snort☆108Updated 6 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- Rule sets for Sagan☆102Updated 4 years ago
- The repository that contains the algorithms for generating domain names, dictionaries of malicious domain names. Developed to research th…☆219Updated 7 years ago
- Detection modules of the Nemea system.☆21Updated this week
- A set of ICS IDS rules for use with Suricata.☆49Updated last year
- Extract files from network traffic with Zeek.☆101Updated 5 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to …☆105Updated this week
- Apache Metron☆59Updated 4 years ago
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan☆228Updated 4 years ago
- LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.☆297Updated last week
- Plugin providing native AF_Packet support for Zeek.☆34Updated 11 months ago
- aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…☆22Updated 6 years ago
- ☆168Updated 3 years ago
- DGA Domains detection☆65Updated 6 years ago
- Download pcap files from http://www.malware-traffic-analysis.net/☆75Updated 7 years ago
- High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network t…☆119Updated 4 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆99Updated 3 years ago