Tranalyzer / tranalyzer2
Tranalyzer generates extended netflow-like flow statistics from large pcap files or extensive ethernet interface measurements. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining and forensic analysis.
☆18Updated 6 years ago
Alternatives and similar repositories for tranalyzer2:
Users that are interested in tranalyzer2 are comparing it to the libraries listed below
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆47Updated 6 years ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated 8 months ago
- ☆17Updated 4 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆19Updated 8 years ago
- fiddler output to pcap☆40Updated 10 years ago
- scan-detection policies for bro☆15Updated this week
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 6 years ago
- System for network traffic analysis and anomaly detection.☆88Updated 2 months ago
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- a network packet capture compiler☆196Updated 2 years ago
- ☆85Updated 11 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Sniffles: Packet Capture Generator for IDS and Regular Expression Evaluation☆63Updated 3 years ago
- Passive DNS visualization and Passive DNS server toolkit☆35Updated 12 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- python wrapper for the nfdump cli application☆21Updated 3 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆83Updated 5 years ago
- A set of ICS IDS rules for use with Suricata.☆49Updated last year
- Mapping NSM rules to MITRE ATT&CK☆68Updated 4 years ago
- The Official Github Repository of Daemonlogger☆20Updated 3 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Updated 7 years ago
- A tool to generate Snort rules based on public IP reputation data☆56Updated 11 years ago
- ☆23Updated 4 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆30Updated 7 months ago