Alternatives and similar repositories for anomaly-detection-and-monitoring:

Users that are interested in anomaly-detection-and-monitoring are comparing it to the libraries listed below

• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 8 months ago
• Benster900 / BlogProjects
  Various blog post projects.
  ☆10Updated 8 months ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 8 years ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆53Updated last year
• farsightsec / dnstable
  encoding format, library, and utilities for passive DNS data
  ☆26Updated 10 months ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• lpredova / ressie
  👓 monitoring, alerting and threat analysis for ELK stack
  ☆11Updated 7 years ago
• sethhall / credit-card-exposure
  Detect credit card exposures with Bro
  ☆16Updated last year
• AlkenePan / awesome-bro
  Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
  ☆32Updated 4 years ago
• mozilla / zept
  INACTIVE - http://mzl.la/ghe-archive - Zeek Extreme Performance Tuning
  ☆26Updated 5 years ago
• AceRockson / WAFFLE
  Web Application Firewall For Limited Exploitation
  ☆17Updated 7 years ago
• farsightsec / sie-dns-sensor
  Debian and Red Hat packaging for SIE DNS sensor
  ☆15Updated last year
• alertflex / cnode
  alertflex controller
  ☆10Updated last year
• adulau / DomainClassifier
  DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text fil…
  ☆77Updated last year
• kfiros / ssh-alert
  Detect SSH connection attempts in real time using ptrace
  ☆9Updated 9 years ago
• ace-ecosystem / ACE
  Analysis Correlation Engine
  ☆24Updated 3 years ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆29Updated 3 weeks ago
• joesecurity / Joe-Sandbox-Bro
  JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox
  ☆44Updated 5 years ago
• darvid / nessusbeat
  A Beat that monitors a local Nessus reports directory and outputs scan results to Elasticsearch or Logstash.
  ☆31Updated 7 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• mgale / DHCPSnoop
  DHCP Snooping app - great for finding rogue DHCP servers
  ☆34Updated 7 years ago
• jheise / yarascanner
  Golang based web service to scan files with yara rules
  ☆27Updated 7 years ago
• jasonish / suricata-trafficid.ARCHIVED
  Application and service identification rules for Suricata
  ☆29Updated 2 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆84Updated 5 years ago
• haka-security / hakabana
  Hakabana monitoring tool using Haka, ElastcSearch and Kibana
  ☆20Updated 10 years ago
• 7h3rAm / rudra
  A developer-friendly framework for exhaustive analysis of (PCAP and PE) files.
  ☆15Updated 7 years ago
• grrrrrrrrr / hyperscan-python
  Simple Python bindings for the Hyperscan project.
  ☆20Updated 8 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆102Updated 3 years ago
• stratosphereips / StratosphereLibSlips
  This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.
  ☆12Updated 8 years ago