alphasoc/nfr

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/alphasoc/nfr)

alphasoc / nfr

A lightweight tool to score network traffic and flag anomalies

☆123

Alternatives and similar repositories for nfr

Users that are interested in nfr are comparing it to the libraries listed below

Sorting:

alphasoc / flightsim
View on GitHub
A utility to safely generate malicious network traffic patterns and evaluate controls.
☆1,350Apr 4, 2024Updated last year
jakewarren / suricata-rule-generator
View on GitHub
Quickly generate suricata rules for IOCs
☆28Apr 30, 2021Updated 4 years ago
salesforce / bro-sysmon
View on GitHub
How to Zeek Sysmon Logs!
☆103Feb 12, 2022Updated 4 years ago
401trg / utilities
View on GitHub
This repository contains tools used by 401trg.
☆20Apr 14, 2021Updated 4 years ago
cmatthewbrooks / pyiocutils
View on GitHub
A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
☆16Dec 19, 2018Updated 7 years ago
phishdetect / phishdetect
View on GitHub
PhishDetect is a library to help identify phishing pages
☆108May 11, 2023Updated 2 years ago
jaegeral / awesome-cyber-civil-society-actors
View on GitHub
A curated lust of awesome cyber civil society actors, project etc.
☆10Jul 16, 2020Updated 5 years ago
Cyberg-ON / Timon-Rules
View on GitHub
Community-based CybergON-powered Suricata rules
☆12Jul 5, 2022Updated 3 years ago
ipworkx / ecs-suricata
View on GitHub
☆12Apr 23, 2020Updated 5 years ago
jaegeral / osint-timelines
View on GitHub
Providing timelines based on OSINT Reports
☆31Jun 21, 2023Updated 2 years ago
theparanoids / rdfp
View on GitHub
Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
☆40Jun 20, 2023Updated 2 years ago
conix-security / bl2ru2
View on GitHub
Mass Suricata rules creator, from a list of domain
☆14Sep 14, 2018Updated 7 years ago
certtools / malware_name_mapping
View on GitHub
A mapping of used malware names to commonly known family names
☆62Feb 21, 2023Updated 3 years ago
0x4D31 / fatt
View on GitHub
FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
☆679Oct 28, 2023Updated 2 years ago
TKCERT / winnti-suricata-lua
View on GitHub
Suricata rules to detect Winnti communication
☆16Mar 5, 2018Updated 7 years ago
401trg / detections
View on GitHub
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
☆121Apr 14, 2021Updated 4 years ago
0xrawsec / gene-rules
View on GitHub
☆42Sep 16, 2022Updated 3 years ago
neu5ron / TMInfosec
View on GitHub
Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.
☆70Oct 30, 2025Updated 4 months ago
theparanoids / spicy-noise
View on GitHub
A Spicy protocol analyzer for WireGuard
☆29Aug 11, 2020Updated 5 years ago
Neo23x0 / exotron
View on GitHub
Sandbox feature upgrade with the help of wrapped samples
☆76Jun 23, 2018Updated 7 years ago
satta / gommunityid
View on GitHub
Go implementation of the Community ID flow hashing standard
☆21Apr 17, 2025Updated 10 months ago
darienhuss / dns_sigs
View on GitHub
Create Suricata and Snort DNS signatures given a single domain or list of domains in a file.
☆18Nov 13, 2017Updated 8 years ago
OISF / suricata-intel-index
View on GitHub
Suricata rule and intel index
☆33Jan 13, 2026Updated last month
Invoke-IR / ACE
View on GitHub
Automated, Collection, and Enrichment Platform
☆324Nov 14, 2019Updated 6 years ago
jimmy-sonny / YaYaGen
View on GitHub
Yet Another YARA rule Generator
☆65Oct 9, 2018Updated 7 years ago
botherder / go-autoruns
View on GitHub
Collect autorun records from running system
☆59Jan 21, 2022Updated 4 years ago
opensourcesec / CIRTKit
View on GitHub
Tools for the Computer Incident Response Team
☆150Apr 17, 2017Updated 8 years ago
arieljt / VTSubmitter-Maltego
View on GitHub
A Maltego transform for VirusTotal Submitter Information
☆36May 15, 2019Updated 6 years ago
cbcommunity / cbapi-examples
View on GitHub
Repository for all cbapi example scripts
☆16Sep 18, 2018Updated 7 years ago
cedowens / C2_Cradle
View on GitHub
Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f…
☆19Dec 29, 2020Updated 5 years ago
D4-project / d4-core
View on GitHub
D4 core software (server and sample sensor client)
☆43Dec 23, 2023Updated 2 years ago
zeek / zeek-osquery
View on GitHub
Bro/Zeek integration with osquery
☆93Nov 2, 2020Updated 5 years ago
codexgigassys / codex-backend
View on GitHub
Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in…
☆156Dec 20, 2019Updated 6 years ago
CybercentreCanada / CCCS-Yara
View on GitHub
YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
☆116Feb 8, 2026Updated 3 weeks ago
Yara-Rules / yara-endpoint
View on GitHub
Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
☆108Mar 13, 2018Updated 7 years ago
JamesHabben / sysmon-queries
View on GitHub
Queries to parse sysmon event log file with microsoft logparser
☆58Mar 31, 2015Updated 10 years ago
pevma / SEPTun
View on GitHub
Suricata Extreme Performance Tuning guide
☆213Mar 15, 2018Updated 7 years ago
MinervaLabsResearch / Mystique
View on GitHub
Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…
☆82Sep 26, 2017Updated 8 years ago
PUNCH-Cyber / stoq
View on GitHub
An open source framework for enterprise level automated analysis.
☆394Jun 27, 2022Updated 3 years ago