John-Lin / snortunsock
A Python listener to capture Snort event via the UNIX Socket output.
☆15Updated 8 years ago
Alternatives and similar repositories for snortunsock:
Users that are interested in snortunsock are comparing it to the libraries listed below
- Snort in Docker for Network Functions Virtualization (NFV)☆107Updated 5 years ago
- Web service for scanning pcaps with snort☆109Updated 6 years ago
- Misc. Bro scripts☆63Updated 7 years ago
- A set of ICS IDS rules for use with Suricata.☆50Updated last year
- DSSL library: network capture and SSL decryption toolkit☆25Updated 5 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- Detect cryptocurrency mining traffic with Zeek.☆46Updated 4 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 4 years ago
- A Docker container for Moloch based on minimal Debian☆26Updated 9 years ago
- Application and service identification rules for Suricata☆29Updated 2 years ago
- scan-detection policies for bro☆16Updated 3 months ago
- A tool to generate Snort rules based on public IP reputation data☆56Updated 11 years ago
- Templates for Kibana/Logstash to use with Suricata IDPS☆80Updated 9 years ago
- OpenFlow DDoS mitigation Ryu controller☆20Updated 10 years ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- Honeypot made in Python/Scapy. Support ARP, ICMP, Http and SSH☆26Updated 12 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Updated this week
- ☆24Updated 5 years ago
- Connectors for the Zeek NetControl framework☆19Updated 2 months ago
- This is a malware analysis project which expecte to generate snort rule via malicious network traffic☆28Updated 2 years ago
- OpenFlow Honeypot☆23Updated 12 years ago
- Rule sets for Sagan☆103Updated 4 years ago
- Extract files from network traffic with Zeek.☆101Updated 5 years ago
- Honeypot that emulates several protocols (incl. SSH, telnet, SMTP, HTTP, SSL and SIP)☆52Updated 9 years ago
- YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signat…☆68Updated 5 years ago
- ☆20Updated 3 years ago
- NTP logger/honeypot☆53Updated 11 years ago
- Extending OVS with DPI functionalities☆16Updated 9 years ago
- Expandable Defensive Cyber Operations Platform☆43Updated 2 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆33Updated 3 months ago