OISF / suricata-trafficid
Application and service identification rules for Suricata
☆18Updated 2 years ago
Alternatives and similar repositories for suricata-trafficid:
Users that are interested in suricata-trafficid are comparing it to the libraries listed below
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 4 years ago
- Suricata rule and intel index☆30Updated last month
- Application and service identification rules for Suricata☆29Updated 2 years ago
- automatic enumeration and maintenance of Suricata monitoring interfaces☆11Updated 5 years ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆52Updated 2 weeks ago
- D4 core software (server and sample sensor client)☆42Updated last year
- Multi-head SSH honeypot system.☆21Updated last year
- A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.☆32Updated 6 months ago
- Library and example applications for using/abusing the information-leaky L2Trace service on Cisco switches. PSIRT Advisory: cisco-sa-2019…☆3Updated 2 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 9 years ago
- BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)☆72Updated 9 months ago
- eBPF-based EDR for Linux☆17Updated 8 months ago
- Community-based CybergON-powered Suricata rules☆12Updated 2 years ago
- ☆35Updated last year
- Prototype system to monitor BGP routes and alert when anomalies are identified☆15Updated 6 years ago
- A tools to work on suricata stats.log file.☆28Updated 9 years ago
- ☆20Updated 4 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- Passive DNS server interface compliant to "Common Output Format"☆10Updated 8 years ago
- CVE Builder script that generates STIX formatted Exploit Target objects☆18Updated 8 years ago
- A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.☆51Updated 6 years ago
- server for indexing and querying passive DNS observations☆46Updated last month
- Network Tools☆32Updated last year
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Updated 2 years ago
- nmap/ndiff based scanner with template based notification system in case of infrastructure changes☆18Updated 7 years ago
- Go implementation of the Community ID flow hashing standard☆20Updated 2 weeks ago
- A Python implementation of the Community ID flow hashing standard☆23Updated last year