Tranalyzer / tranalyzer2Links
Tranalyzer generates extended netflow-like flow statistics from large pcap files or extensive ethernet interface measurements. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining and forensic analysis.
☆18Updated 7 years ago
Alternatives and similar repositories for tranalyzer2
Users that are interested in tranalyzer2 are comparing it to the libraries listed below
Sorting:
- aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…☆22Updated 7 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 9 years ago
- System for network traffic analysis and anomaly detection.☆92Updated 6 months ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 3 years ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated last year
- A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to …☆113Updated 2 months ago
- Web service for scanning pcaps with snort☆110Updated 7 years ago
- scan-detection policies for bro☆16Updated last year
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- python wrapper for the nfdump cli application☆21Updated 4 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Updated 8 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 7 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆172Updated 2 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Updated last year
- Rule sets for Sagan☆106Updated 5 years ago
- a network packet capture compiler☆205Updated 3 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Updated 3 months ago
- Plugin providing AF_XDP support for Bro.☆14Updated 4 years ago
- Suricata Extreme Performance Tuning guide - Mark II☆121Updated 7 years ago
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…☆28Updated 7 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆82Updated 5 months ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 9 years ago
- Passive Real-time Asset Detection System☆249Updated last year
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Updated 5 years ago
- DGA Domain Detection using Bigram Frequency Analysis☆55Updated 8 years ago
- ☆14Updated 2 weeks ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration☆36Updated 10 years ago
- ☆174Updated 4 years ago