Alternatives and similar repositories for Pcaps

Users that are interested in Pcaps are comparing it to the libraries listed below

• pstirparo / yara_rules

  View on GitHub
  Yara rules I've written
  ☆10Dec 9, 2015Updated 10 years ago
• weisong-ucr / DeepMem

  View on GitHub
  A graph-based deep learning tool that can recognizes the kernel objects from raw memory dumps.
  ☆14Jul 6, 2019Updated 6 years ago
• The-DFIR-Report / Suricata-Rules

  View on GitHub
  ☆11Jun 12, 2023Updated 2 years ago
• sbousseaden / PCAP-ATTACK

  View on GitHub
  PCAP Samples for Different Post Exploitation Techniques
  ☆368Apr 29, 2021Updated 4 years ago
• EmreEkin / ICS-Pcaps

  View on GitHub
  ☆82Apr 9, 2021Updated 4 years ago
• fireeye / brocapi

  View on GitHub
  Bro PCAP Processing and Tagging API
  ☆28Nov 9, 2017Updated 8 years ago
• rocknsm / docket

  View on GitHub
  A RESTful API frontend for Stenographer
  ☆54Dec 7, 2022Updated 3 years ago
• log2timeline / l2tbinaries

  View on GitHub
  Binaries for the log2timeline projects and dependencies
  ☆40Updated this week
• kolide / docker-osquery

  View on GitHub
  Dockerfiles for containerized osquery
  ☆14May 23, 2017Updated 8 years ago
• 401trg / detections

  View on GitHub
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆122Apr 14, 2021Updated 4 years ago
• DissectMalware / base64_substring

  View on GitHub
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Jul 13, 2018Updated 7 years ago
• chaoticmachinery / frac_rift

  View on GitHub
  FRAC and RIFT
  ☆17Mar 16, 2019Updated 6 years ago
• neu5ron / malware-traffic-analysis-pcaps

  View on GitHub
  malware-traffic-analysis.net PCAPs repository.
  ☆38Jun 9, 2016Updated 9 years ago
• fox-it / cobaltstrike-beacon-data

  View on GitHub
  Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
  ☆133Mar 28, 2022Updated 3 years ago
• fox-it / dissect.esedb

  View on GitHub
  A Dissect module implementing a parser for Microsofts Extensible Storage Engine Database (ESEDB), used for example in Active Directory, E…
  ☆24Nov 20, 2025Updated 2 months ago
• sensoroni / sensoroni

  View on GitHub
  Web-based sensor management suite
  ☆20Mar 2, 2023Updated 2 years ago
• GlacierSheep / DomainBlockList

  View on GitHub
  This is a threat intelligence automatic crawling tool that also contains some high-value threat intelligence.
  ☆21Jun 2, 2021Updated 4 years ago
• SIFalcon / Detection

  View on GitHub
  ☆22Jul 7, 2023Updated 2 years ago
• MitchellX / network-traffic-analysis

  View on GitHub
  基于流量数据的网络应用识别系统设计与实现
  ☆25Dec 15, 2020Updated 5 years ago
• DevoInc / pCraft

  View on GitHub
  pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.
  ☆92Apr 11, 2024Updated last year
• mitre-attack / bzar

  View on GitHub
  A set of Zeek scripts to detect ATT&CK techniques.
  ☆620Jun 26, 2024Updated last year
• mattifestation / WindowsEventLogMetadata

  View on GitHub
  Event metadata collected across all manifest-based ETW providers on Window 10 1903
  ☆31Nov 25, 2019Updated 6 years ago
• hpthreatresearch / iocs

  View on GitHub
  Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.
  ☆29Apr 10, 2024Updated last year
• EricZimmerman / TLEFilePlugins

  View on GitHub
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆29May 5, 2025Updated 9 months ago
• OnionDecoy / Installer

  View on GitHub
  A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.
  ☆25Aug 14, 2017Updated 8 years ago
• tjcruz-dei / ICS_PCAPS

  View on GitHub
  ICS Cybersecurity PCAP respository
  ☆63Jan 30, 2019Updated 7 years ago
• h4sh5 / decrypt-winrm

  View on GitHub
  decrypting winrm traffic using password/ntlm hash, repo fork from https://gist.github.com/jborean93/d6ff5e87f8a9f5cb215cd49826523045/
  ☆34Sep 6, 2025Updated 5 months ago
• ZSShen / MeltingPot

  View on GitHub
  A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.
  ☆26Jan 5, 2019Updated 7 years ago
• netrack / learn

  View on GitHub
  Labeled DNS exfiltration datasets and algorithms of DNS tunneling detection
  ☆30Sep 23, 2022Updated 3 years ago
• ACANETS / NetML-Competition2020

  View on GitHub
  ☆26Jul 6, 2023Updated 2 years ago
• rocknsm / rock-scripts

  View on GitHub
  Bro scripts for the ROCK platform. http://rocknsm.io
  ☆34Jul 2, 2023Updated 2 years ago
• kbandla / pydeep

  View on GitHub
  Python bindings for ssdeep
  ☆90Feb 6, 2022Updated 4 years ago
• airbus-cert / Splunk-ETW

  View on GitHub
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Oct 14, 2020Updated 5 years ago
• mmguero-dev / Malcolm-PCAP

  View on GitHub
  This repository has been archived in favor of https://github.com/idaholab/Malcolm-Test-Artifacts
  ☆37Dec 11, 2024Updated last year
• nprint / pcapml

  View on GitHub
  pcapML standardizes network traffic analysis datasets by directly encoding metadata information into raw traffic captures
  ☆28Oct 21, 2022Updated 3 years ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• Invoke-IR / Uproot

  View on GitHub
  Currently not updated for WMIEvent module...
  ☆262Feb 23, 2016Updated 9 years ago
• amzn / zeek-plugin-profinet

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the Profinet protocol
  ☆30May 30, 2024Updated last year
• jasklabs / blackhat2017

  View on GitHub
  Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases
  ☆30Jul 19, 2017Updated 8 years ago