Alternatives and similar repositories for Linux-Sensor

Users that are interested in Linux-Sensor are comparing it to the libraries listed below

• isc-projects / dnsgen
  DNS packet generator
  ☆46Updated last month
• 0xcpu / bonomen
  BONOMEN - Hunt for Malware Critical Process Impersonation
  ☆49Updated 4 years ago
• hatching / httpreplay
  Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.
  ☆95Updated 3 years ago
• trolldbois / sslsnoop
  Live SSH/SSL/TLS decryption - extraction of secret keys from live process memory
  ☆109Updated 9 years ago
• ANSSI-FR / route_leaks
  BGP Route Leaks Detection
  ☆71Updated 6 years ago
• 7h3rAm / pcapedit
  An Interactive Pcap Editor (based on Scapy)
  ☆23Updated 5 years ago
• jedisct1 / iptrap
  A simple, but damn fast sinkhole
  ☆65Updated 10 months ago
• Cybereason / linux_plumber
  A python implementation of a grep friendly ftrace wrapper
  ☆80Updated 6 years ago
• Cisco-Talos / BASS
  BASS - BASS Automated Signature Synthesizer
  ☆178Updated 7 years ago
• Cisco-Talos / Daemonlogger
  The Official Github Repository of Daemonlogger
  ☆22Updated 4 years ago
• caesar0301 / pcapdpi
  Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…
  ☆23Updated 9 years ago
• elceef / dhcpf
  Passive DHCP fingerprinting implementation
  ☆50Updated 9 years ago
• hatching / tracy
  tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
  ☆33Updated last year
• sebmarchand / pyetw
  ☆13Updated 9 years ago
• scumjr / the-sea-watcher
  Implementation of the SMM rootkit "The Watcher"
  ☆128Updated 3 years ago
• Mipu94 / BroIDS_Unicorn
  simple plugin to detect shellcode on Bro IDS with Unicorn
  ☆33Updated 8 years ago
• mandiant / rvmi-kvm
  Linux-KVM with rVMI extensions
  ☆22Updated 8 years ago
• jtripper / parasite
  Linux Runtime Process Injection Tool
  ☆61Updated 12 years ago
• SafeBreach-Labs / AltFS
  The Alternative Fileless File System
  ☆57Updated 6 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 5 years ago
• PaloAltoNetworks / tcpsession
  A python library to extract TCP sessions from PCAPs.
  ☆23Updated 4 years ago
• olliencc / WinBinaryAudit
  GSAudit at Symantec, ExeAudit at RIM, RECX Binary Assurance for Windows at Recx etc. - core library now WinBinaryAudit
  ☆24Updated 10 years ago
• Cisco-Talos / CASC
  ☆43Updated 7 years ago
• CrySyS / membrane
  Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis
  ☆41Updated 9 years ago
• mandiant / vivisect
  pure Python binary analysis framework
  ☆22Updated 6 years ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆44Updated 8 years ago
• hdm / mac-tracker
  Historical Tracking of MAC Address Assignments
  ☆36Updated this week
• jethrogb / ssltrace
  ssltrace hooks an application's SSL libraries to record keying data of all SSL connections
  ☆95Updated 10 years ago
• taviso / iknowthis
  iknowthis Linux SystemCall Fuzzer
  ☆20Updated 6 years ago
• fatemabw / kyd
  DHCP Fingerprinting
  ☆29Updated 4 years ago