felixe / idsEventGeneratorLinks
aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules
☆22Updated 6 years ago
Alternatives and similar repositories for idsEventGenerator
Users that are interested in idsEventGenerator are comparing it to the libraries listed below
Sorting:
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆82Updated 11 months ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Detect cryptocurrency mining traffic with Zeek.☆46Updated 4 years ago
- a network packet capture compiler☆201Updated 3 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Updated 2 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated last year
- Suricata Extreme Performance Tuning guide☆210Updated 7 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆113Updated 6 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Updated 7 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- A tool to generate Snort rules based on public IP reputation data☆56Updated 11 years ago
- S4A main repository. SaltStack states, install script and build scripts☆26Updated 2 weeks ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated 2 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 7 years ago
- Rule sets for Sagan☆105Updated 4 years ago
- Ready to run scripts for network analysis☆88Updated 3 months ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆122Updated 4 years ago
- Passive Real-time Asset Detection System☆243Updated last year
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Extract files from network traffic with Zeek.☆101Updated 5 years ago
- malware-traffic-analysis.net PCAPs repository.☆38Updated 9 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆78Updated last year