cedricbonhomme / pyHIDSLinks
A HIDS (host-based intrusion detection system) for verifying the integrity of a system.
☆59Updated last week
Alternatives and similar repositories for pyHIDS
Users that are interested in pyHIDS are comparing it to the libraries listed below
Sorting:
- A web-based tool to assist the work of the intuitive threat analysts.☆113Updated 6 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- zeek-scripts☆44Updated 6 years ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Updated 5 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆34Updated 4 years ago
- Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.☆81Updated 3 months ago
- Passive DNS V2☆60Updated 11 years ago
- Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...☆72Updated 6 years ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Plugin providing native AF_Packet support for Zeek.☆34Updated last year
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆34Updated 5 months ago
- A map displaying threat actors from the misp-galaxy☆33Updated 2 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆102Updated 2 weeks ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 3 years ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆45Updated 6 years ago
- Passive DNS collection using Zeek☆182Updated 2 years ago
- ☆34Updated 4 years ago
- Cyber Threat Intelligence Feeds☆97Updated 8 years ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆152Updated 2 weeks ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Suricata rule and intel index☆31Updated 3 months ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆117Updated 4 years ago
- Evading Snort Intrusion Detection System.☆78Updated 3 years ago
- Minimal, consistent Python API for building integrations with malware sandboxes.☆139Updated last year
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆59Updated 5 years ago