Alternatives and similar repositories for pyHIDS

Users that are interested in pyHIDS are comparing it to the libraries listed below

• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆81Updated 4 months ago
• stratosphereips / Manati
  A web-based tool to assist the work of the intuitive threat analysts.
  ☆113Updated 6 years ago
• JustinAzoff / zeek-pdns
  Passive DNS collection using Zeek
  ☆182Updated 2 years ago
• rosehgal / HoneySMB
  Simple High Interaction Honeypot Solution for SMB protocol
  ☆49Updated 4 years ago
• brakmic / Sinkholes
  Malware Sinkhole List in various formats
  ☆102Updated 3 years ago
• InQuest / sandboxapi
  Minimal, consistent Python API for building integrations with malware sandboxes.
  ☆139Updated last year
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆102Updated 3 weeks ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆102Updated 3 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆104Updated 4 years ago
• passivetotal / python_api
  Python abstract API for PassiveTotal services in the form of libraries and command line utilities.
  ☆85Updated 2 years ago
• treussart / ProbeManager
  Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...
  ☆72Updated 6 years ago
• armedpot / honeytrap
  Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
  ☆43Updated 3 years ago
• CERT-Polska / n6
  Automated handling of data feeds for security teams
  ☆139Updated last month
• Cymmetria / ciscoasa_honeypot
  A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
  ☆52Updated 6 years ago
• alertflex / altprobe
  collector/runner
  ☆65Updated 4 months ago
• bez0r / pDNS2
  Passive DNS V2
  ☆60Updated 11 years ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆156Updated 4 months ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆43Updated 8 years ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆200Updated 3 years ago
• silascutler / MalPipe
  Malware/IOC ingestion and processing engine
  ☆106Updated 6 years ago
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆112Updated last year
• AlkenePan / awesome-bro
  Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
  ☆31Updated 5 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• 3c7 / aptmap
  A map displaying threat actors from the misp-galaxy
  ☆33Updated 2 years ago
• CIRCL / yara-validator
  Validates yara rules and tries to repair the broken ones.
  ☆39Updated 4 years ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆121Updated 4 years ago
• chrisjd20 / Snorpy
  Snorpy is a python script the gives a Gui interface to help those new to snort create rules.
  ☆63Updated 11 months ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆193Updated 7 years ago