A lightweight tool to score network traffic and flag anomalies
☆123 · Aug 7, 2024 · Updated last year
Alternatives and similar repositories for nfr
Users that are interested in nfr are comparing it to the libraries listed below
- A utility to safely generate malicious network traffic patterns and evaluate controls. ☆1,350 · Apr 4, 2024 · Updated last year
- Quickly generate suricata rules for IOCs ☆28 · Apr 30, 2021 · Updated 4 years ago
- How to Zeek Sysmon Logs! ☆103 · Feb 12, 2022 · Updated 4 years ago
- This repository contains tools used by 401trg. ☆20 · Apr 14, 2021 · Updated 4 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs). ☆16 · Dec 19, 2018 · Updated 7 years ago
- PhishDetect is a library to help identify phishing pages ☆108 · May 11, 2023 · Updated 2 years ago
- A curated list of awesome cyber civil society actors, projects, etc. ☆10 · Jul 16, 2020 · Updated 5 years ago
- Community-based CybergON-powered Suricata rules ☆12 · Jul 5, 2022 · Updated 3 years ago
- ☆12 · Apr 23, 2020 · Updated 5 years ago
- Providing timelines based on OSINT Reports ☆31 · Jun 21, 2023 · Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt ☆40 · Jun 20, 2023 · Updated 2 years ago
- Mass Suricata rules creator, from a list of domain ☆14 · Sep 14, 2018 · Updated 7 years ago
- A mapping of used malware names to commonly known family names ☆62 · Feb 21, 2023 · Updated 3 years ago
- FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network … ☆679 · Oct 28, 2023 · Updated 2 years ago
- Suricata rules to detect Winnti communication ☆16 · Mar 5, 2018 · Updated 7 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya… ☆121 · Apr 14, 2021 · Updated 4 years ago
- ☆42 · Sep 16, 2022 · Updated 3 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more. ☆70 · Oct 30, 2025 · Updated 4 months ago
- A Spicy protocol analyzer for WireGuard ☆29 · Aug 11, 2020 · Updated 5 years ago
- Sandbox feature upgrade with the help of wrapped samples ☆76 · Jun 23, 2018 · Updated 7 years ago
- Go implementation of the Community ID flow hashing standard ☆21 · Apr 17, 2025 · Updated 10 months ago
- Create Suricata and Snort DNS signatures given a single domain or list of domains in a file. ☆18 · Nov 13, 2017 · Updated 8 years ago
- Suricata rule and intel index ☆33 · Jan 13, 2026 · Updated last month
- Automated, Collection, and Enrichment Platform ☆324 · Nov 14, 2019 · Updated 6 years ago
- Yet Another YARA rule Generator ☆65 · Oct 9, 2018 · Updated 7 years ago
- Collect autorun records from running system ☆59 · Jan 21, 2022 · Updated 4 years ago
- Tools for the Computer Incident Response Team ☆150 · Apr 17, 2017 · Updated 8 years ago
- A Maltego transform for VirusTotal Submitter Information ☆36 · May 15, 2019 · Updated 6 years ago
- Repository for all cbapi example scripts ☆16 · Sep 18, 2018 · Updated 7 years ago
- Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f… ☆19 · Dec 29, 2020 · Updated 5 years ago
- D4 core software (server and sample sensor client) ☆43 · Dec 23, 2023 · Updated 2 years ago
- Bro/Zeek integration with osquery ☆93 · Nov 2, 2020 · Updated 5 years ago
- Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in… ☆156 · Dec 20, 2019 · Updated 6 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA ☆116 · Feb 8, 2026 · Updated 3 weeks ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware endpoint based on Yara signatures. ☆108 · Mar 13, 2018 · Updated 7 years ago
- Queries to parse sysmon event log file with microsoft logparser ☆58 · Mar 31, 2015 · Updated 10 years ago
- Suricata Extreme Performance Tuning guide ☆213 · Mar 15, 2018 · Updated 7 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici… ☆82 · Sep 26, 2017 · Updated 8 years ago
- An open source framework for enterprise level automated analysis. ☆394 · Jun 27, 2022 · Updated 3 years ago