IQTLabs / packet_cafeLinks
A platform built for easy-to-use automated network traffic analysis
☆59Updated 2 years ago
Alternatives and similar repositories for packet_cafe
Users that are interested in packet_cafe are comparing it to the libraries listed below
Sorting:
- Generate network maps from packet captures☆31Updated 5 years ago
- A RESTful API frontend for Stenographer☆54Updated 2 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆86Updated 6 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 3 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated 2 years ago
- D4 core software (server and sample sensor client)☆42Updated last year
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆53Updated last month
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Tool for managing Zeek deployments.☆56Updated last month
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆261Updated 2 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated last month
- Wireshark plugin to display Suricata analysis info☆94Updated 3 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆104Updated last year
- a network packet capture compiler☆199Updated 3 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 5 months ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 8 months ago
- Suricata Extreme Performance Tuning guide - Mark II☆117Updated 7 years ago
- Ready to run scripts for network analysis☆88Updated 2 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated 2 months ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆109Updated 7 years ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆112Updated 6 years ago
- server for indexing and querying passive DNS observations☆46Updated 2 months ago
- A lightweight tool to score network traffic and flag anomalies☆123Updated 9 months ago
- Expandable Defensive Cyber Operations Platform☆43Updated 2 years ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆141Updated 2 years ago
- pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.☆90Updated last year
- Bro/Zeek integration with osquery☆94Updated 4 years ago