felixe / idsEventGenerator
aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules
☆22Updated 6 years ago
Alternatives and similar repositories for idsEventGenerator:
Users that are interested in idsEventGenerator are comparing it to the libraries listed below
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 6 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- malware-traffic-analysis.net PCAPs repository.☆35Updated 8 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆47Updated 6 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Updated 7 years ago
- Mapping NSM rules to MITRE ATT&CK☆68Updated 4 years ago
- Rule sets for Sagan☆102Updated 4 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆30Updated 7 months ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- ☆33Updated 4 years ago
- ☆76Updated 2 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 6 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆84Updated 5 years ago
- Passive DNS V2☆62Updated 10 years ago
- ☆38Updated 6 years ago
- a network packet capture compiler☆196Updated 2 years ago
- OPNids GUI, API and systems backend☆34Updated 5 years ago
- A collection of resources for security data☆40Updated 7 years ago
- S4A main repository. SaltStack states, install script and build scripts☆26Updated this week
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 3 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆112Updated 5 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 3 years ago
- Evading Snort Intrusion Detection System.☆76Updated 3 years ago
- CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)☆41Updated 12 years ago
- An ICAP Server with yara scanner for URL and content.☆58Updated last month
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration☆36Updated 9 years ago
- CapAnalysis source code repository☆85Updated 6 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago