OISF / suricata-trafficid
Application and service identification rules for Suricata
☆18Updated 2 years ago
Alternatives and similar repositories for suricata-trafficid
Users that are interested in suricata-trafficid are comparing it to the libraries listed below
Sorting:
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 4 years ago
- Suricata rule and intel index☆30Updated 2 months ago
- Prototype system to monitor BGP routes and alert when anomalies are identified☆15Updated 6 years ago
- A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.☆32Updated 7 months ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆53Updated last month
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- A tools to work on suricata stats.log file.☆29Updated 9 years ago
- automatic enumeration and maintenance of Suricata monitoring interfaces☆11Updated 5 years ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Updated 5 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 11 months ago
- YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (…☆23Updated 2 years ago
- INACTIVE - http://mzl.la/ghe-archive - Zeek Extreme Performance Tuning☆26Updated 5 years ago
- D4 core software (server and sample sensor client)☆42Updated last year
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Updated 6 years ago
- A Yara Lua output script for Suricata☆20Updated 6 years ago
- Community-based CybergON-powered Suricata rules☆12Updated 2 years ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Updated 2 years ago
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated last year
- ☆35Updated last year
- Snort/Suricata DAQ module with DPDK patch☆11Updated last year
- Bro integration with osquery☆15Updated 2 years ago
- server for indexing and querying passive DNS observations☆46Updated 2 months ago
- Plugin providing AF_XDP support for Bro.☆14Updated 4 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 9 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- Repository of Information sharing on threats and indicators☆12Updated 5 years ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 8 months ago