Alternatives and similar repositories for WinTAP:

Users that are interested in WinTAP are comparing it to the libraries listed below

• corelight / zeek-quic
  Bro analyzer that detects Google's QUIC protocol
  ☆10Updated 3 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• ncsa / bro-simple-scan
  ☆15Updated 9 months ago
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 7 months ago
• fireeye / brocapi
  Bro PCAP Processing and Tagging API
  ☆28Updated 7 years ago
• nextgens / limacharlie
  Endpoint monitoring stack.
  ☆18Updated 9 years ago
• beave / meer
  Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.
  ☆23Updated 3 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 7 years ago
• clong / vagrant-ids
  An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
  ☆23Updated 6 years ago
• reed1713 / ELAT
  Event Log Analysis Tools
  ☆29Updated 8 years ago
• CIRCL / IP-ASN-history
  IP-ASN-history is a server software to store efficiently the history of BGP announces and quickly lookup IP addresses origins
  ☆45Updated 2 years ago
• ohjeongwook / WindowsEventTools
  Collection Of Scripts And Utilities For Windows Event Hunting
  ☆17Updated 4 years ago
• DCSO / slinkwatch
  automatic enumeration and maintenance of Suricata monitoring interfaces
  ☆11Updated 5 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• Neo23x0 / neolog
  Windows Syslog Command Line Client
  ☆15Updated 12 years ago
• wolfvan / YaraRET
  Carving tool based in Radare2 & Yara
  ☆16Updated 6 years ago
• corelight / top-dns
  Top DNS Measurement for Bro
  ☆11Updated 4 years ago
• malice-plugins / yara
  Malice Yara Plugin
  ☆30Updated 5 years ago
• elceef / dhcpf
  Passive DHCP fingerprinting implementation
  ☆50Updated 8 years ago
• miriamxyra / Excel-EventList-OLD
  EventList - the Baseline Event Analyzer
  ☆11Updated 5 years ago
• oherrala / xipology
  ☆18Updated last year
• t2mune / nield
  A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
  ☆32Updated 3 months ago
• Security-Onion-Solutions / securityonion-docker-hh
  ☆20Updated 4 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 7 years ago
• initconf / scan-NG
  scan-detection policies for bro
  ☆15Updated 2 weeks ago
• mnemonic-no / dnscache
  Volatility memory forensics plugin for extracting Windows DNS Cache
  ☆29Updated 7 years ago
• PoorBillionaire / Windows-Prefetch-Carver
  Carve Windows Prefetch files from arbitrary binary data
  ☆14Updated 7 years ago
• bsi-group / autorun-logger-server
  Server for receiving autorun data from the clients
  ☆13Updated 7 years ago
• libcrack / iker
  IPSec testing tool
  ☆19Updated 3 months ago
• redBorder / daq
  Snort/Suricata DAQ module with DPDK patch
  ☆11Updated 9 months ago