IQTLabs / packet_cafeLinks
A platform built for easy-to-use automated network traffic analysis
☆59Updated 2 years ago
Alternatives and similar repositories for packet_cafe
Users that are interested in packet_cafe are comparing it to the libraries listed below
Sorting:
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆171Updated 2 years ago
- Generate network maps from packet captures☆30Updated 5 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆88Updated 6 years ago
- A lightweight tool to score network traffic and flag anomalies☆123Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 3 years ago
- Structured Threat Intelligence Graph☆96Updated 4 months ago
- A RESTful API frontend for Stenographer☆54Updated 2 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆81Updated 3 weeks ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆106Updated last year
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- server for indexing and querying passive DNS observations☆47Updated last month
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆141Updated this week
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆182Updated 11 months ago
- a network packet capture compiler☆201Updated 3 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 11 months ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 2 months ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆56Updated 4 months ago
- A Spicy protocol analyzer for WireGuard☆29Updated 5 years ago
- CARET - A tool for viewing cyber analytic relationships☆55Updated 5 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 5 years ago
- D4 core software (server and sample sensor client)☆42Updated last year
- Ready to run scripts for network analysis☆88Updated 5 months ago
- Definition, description and relationship types of MISP objects☆100Updated last month
- OASIS TC Open Repository: GitHub Pages site for STIX and TAXII☆101Updated last month
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆141Updated 2 years ago