Alternatives and similar repositories for core:

Users that are interested in core are comparing it to the libraries listed below

• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆53Updated 2 months ago
• shendo / websnort
  Web service for scanning pcaps with snort
  ☆108Updated 6 years ago
• zeek / zeekctl
  Tool for managing Zeek deployments.
  ☆54Updated last month
• StamusNetworks / KTS6
  Kibana 6 Templates for Suricata IDPS Threat Hunting
  ☆24Updated 5 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• sealingtech / EDCOP
  Expandable Defensive Cyber Operations Platform
  ☆43Updated 2 years ago
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆86Updated last year
• felixe / idsEventGenerator
  aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…
  ☆22Updated 6 years ago
• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 6 years ago
• blacktop / docker-bro
  Bro IDS Dockerfile
  ☆129Updated 5 years ago
• mrash / fwsnort
  Application Layer IDS/IPS with iptables
  ☆75Updated 6 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• Security-Onion-Solutions / securityonion-bro-scripts
  ☆24Updated 5 years ago
• StamusNetworks / KTS
  Kibana 4 Templates for Suricata IDPS
  ☆33Updated 8 years ago
• OwlH-net / OwlH-Master
  OwlH Master API
  ☆24Updated 9 months ago
• Security-Onion-Solutions / securityonion-setup
  ☆36Updated 4 years ago
• telekom-security / listbot
  🤖 Daily updated translation maps for T-Pot
  ☆22Updated 9 months ago
• OpenSCAP / openscap-daemon
  Manages continuous scans of your infrastructure
  ☆106Updated 3 years ago
• Homas / ioc2rpz
  ioc2rpz is a place where threat intelligence meets DNS.
  ☆107Updated 3 weeks ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• Graylog2 / graylog-guide-snort
  How to send structured Snort IDS alert logs into Graylog
  ☆27Updated last year
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 8 months ago
• opendxl / opendxl-broker
  OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker
  ☆14Updated last year
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆93Updated 3 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆88Updated 2 weeks ago
• beave / sagan-rules
  Rule sets for Sagan
  ☆102Updated 4 years ago
• rocknsm / docket
  A RESTful API frontend for Stenographer
  ☆55Updated 2 years ago
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆53Updated last year
• zeek / zeek-netcontrol
  Connectors for the Zeek NetControl framework
  ☆19Updated last week