Alternatives and similar repositories for Snort

Users that are interested in Snort are comparing it to the libraries listed below

• jasonish / py-idstools
  idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
  ☆283Updated 5 months ago
• shendo / websnort
  Web service for scanning pcaps with snort
  ☆110Updated 7 years ago
• xplico / xplico
  Open Source Network Forensic Analysis Tool (NFAT)
  ☆196Updated 5 years ago
• Cisco-Talos / file2pcap
  ☆174Updated 4 years ago
• DataSoft / Honeyd
  virtual honeypots
  ☆390Updated 2 years ago
• hosom / file-extraction
  Extract files from network traffic with Zeek.
  ☆103Updated 5 years ago
• plusvic / yara
  The pattern matching swiss knife
  ☆140Updated 5 years ago
• 360netlab / DGA
  Suspicious DGA from PDNS and Sandbox.
  ☆187Updated 3 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆108Updated 4 years ago
• ahm3dhany / IDS-Evasion
  Evading Snort Intrusion Detection System.
  ☆78Updated 4 years ago
• gamelinux / prads
  Passive Real-time Asset Detection System
  ☆249Updated last year
• jpalanco / alienvault-ossim
  Alienvault ossim
  ☆123Updated 10 months ago
• John-Lin / docker-snort
  Snort in Docker for Network Functions Virtualization (NFV)
  ☆110Updated 6 years ago
• EmergingThreats / fiddler2pcap
  fiddler output to pcap
  ☆41Updated 11 years ago
• OISF / libhtp
  LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
  ☆309Updated 2 months ago
• John-Lin / malware
  This is a malware analysis project which expecte to generate snort rule via malicious network traffic
  ☆28Updated 2 years ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆205Updated 3 years ago
• andrewaeva / DGA
  The repository that contains the algorithms for generating domain names, dictionaries of malicious domain names. Developed to research th…
  ☆221Updated 8 years ago
• plashchynski / viewssld
  viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…
  ☆74Updated 8 years ago
• jsiwek / zeek-cryptomining
  Detect cryptocurrency mining traffic with Zeek.
  ☆46Updated 4 years ago
• bro / bro
  Mirror of https://github.com/zeek/zeek
  ☆176Updated 2 years ago
• digitalbond / Quickdraw-Suricata
  A set of ICS IDS rules for use with Suricata.
  ☆50Updated 2 years ago
• golismero / openvas_lib
  OpenVAS connector for versions 6, 7, 8 and 9
  ☆80Updated 3 years ago
• tatsuiman / malware-traffic-analysis.net
  Download pcap files from http://www.malware-traffic-analysis.net/
  ☆80Updated 7 years ago
• neu5ron / malware-traffic-analysis-pcaps
  malware-traffic-analysis.net PCAPs repository.
  ☆38Updated 9 years ago
• firnsy / barnyard2
  Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.
  ☆354Updated last year
• nccgroup / IP-reputation-snort-rule-generator
  A tool to generate Snort rules based on public IP reputation data
  ☆56Updated 12 years ago
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆284Updated last month
• joanbono / Snorter
  Snort + Barnyard2 + Pulledpork → The easy way!
  ☆169Updated 4 years ago
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆508Updated last week