Rule sets for Sagan
☆106 · Jan 7, 2021 · Updated 5 years ago
Alternatives and similar repositories for sagan-rules
Users that are interested in sagan-rules are comparing it to the libraries listed below
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan ☆229 · Feb 9, 2021 · Updated 5 years ago
- Bro Intel Feed Linter ☆26 · Aug 30, 2019 · Updated 6 years ago
- Detect Phishing with Bro IDS ☆18 · Feb 1, 2017 · Updated 9 years ago
- Set of scripts to index PCAP files and retrieve packets ☆14 · Sep 10, 2015 · Updated 10 years ago
- Yara rules I've written ☆10 · Dec 9, 2015 · Updated 10 years ago
- Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted. ☆13 · Jun 28, 2013 · Updated 12 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways. ☆98 · Oct 21, 2014 · Updated 11 years ago
- dga classification with fasttext ☆13 · Oct 29, 2018 · Updated 7 years ago
- Extensions for Zeek's Intelligence Framework. ☆11 · Mar 1, 2022 · Updated 4 years ago
- A "safe way" to do man-in-the-middle attack test, without using ARP attack. ☆10 · Jun 2, 2021 · Updated 4 years ago
- Tool for managing Zeek deployments. ☆60 · Feb 23, 2026 · Updated last week
- An LLM and OCR based Indicator of Compromise Extraction Tool ☆38 · Dec 4, 2024 · Updated last year
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… ☆28 · Apr 18, 2018 · Updated 7 years ago
- CyLR - Live Response Collection Tool ☆10 · Jul 14, 2020 · Updated 5 years ago
- Scripts targeting specific families ☆13 · Jul 3, 2017 · Updated 8 years ago
- Honeynet Project generic authenticated datafeed protocol ☆19 · Jun 12, 2019 · Updated 6 years ago
- SDN powered Science DMZ and IDS Load Balancer ☆18 · Mar 23, 2016 · Updated 9 years ago
- Uses es_stats to report Elasticsearch cluster and node metrics to Zabbix ☆11 · Oct 30, 2018 · Updated 7 years ago
- Ayaabu is a funny trick that fakes the installation of many Antivirus ☆12 · Jul 6, 2016 · Updated 9 years ago
- DNS traffic indexer and analyzer ☆26 · Oct 7, 2014 · Updated 11 years ago
- CherryTree OSCP methodology template ☆15 · Dec 10, 2018 · Updated 7 years ago
- python wrapper for the nfdump cli application ☆21 · Apr 8, 2021 · Updated 4 years ago
- The Auditd Framework logs and applies security policy to linux auditd data ☆15 · Jan 26, 2018 · Updated 8 years ago
- Scripts for Bro IDS and ELK Stack ☆57 · Sep 2, 2015 · Updated 10 years ago
- Add POST body excerpt to Bro's HTTP log ☆14 · Dec 10, 2025 · Updated 2 months ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search ☆485 · Feb 19, 2026 · Updated last week
- Parser for zebra/MRT BGP routes dumps. ☆41 · Nov 7, 2016 · Updated 9 years ago
- Web Interface Portal & Security Threat Engine for REMnux ☆24 · Aug 1, 2016 · Updated 9 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack ☆16 · Jan 6, 2021 · Updated 5 years ago
- Homographs: brutefind homographs within a font ☆19 · Apr 21, 2017 · Updated 8 years ago
- The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions. ☆33 · May 24, 2016 · Updated 9 years ago
- Honeypot deployment made easy ☆237 · Mar 13, 2019 · Updated 6 years ago
- Cuckoo Sandbox Local Maltego Transforms Project ☆49 · Jul 2, 2014 · Updated 11 years ago