felixe / idsEventGenerator
aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules
☆22Updated 6 years ago
Alternatives and similar repositories for idsEventGenerator:
Users that are interested in idsEventGenerator are comparing it to the libraries listed below
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- A collection of resources for security data☆41Updated 7 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆75Updated 7 months ago
- Mapping NSM rules to MITRE ATT&CK☆69Updated 4 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Wireshark plugin to display Suricata analysis info☆93Updated 3 years ago
- Passive DNS V2☆61Updated 11 years ago
- Extract files from network traffic with Zeek.☆101Updated 5 years ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 9 months ago
- DGA Domains detection☆65Updated 6 years ago
- Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc…☆79Updated 9 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 7 years ago
- Cyber Threat Intelligence Feeds☆95Updated 8 years ago
- Detect cryptocurrency mining traffic with Zeek.☆46Updated 4 years ago
- Contributed Bro Scripts☆30Updated 10 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆85Updated 6 years ago
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Updated 4 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 4 years ago
- ��☆75Updated 3 years ago
- malware-traffic-analysis.net PCAPs repository.☆35Updated 8 years ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.☆97Updated 10 years ago
- scan-detection policies for bro☆15Updated 2 months ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- A tool to generate Snort rules based on public IP reputation data☆56Updated 11 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆66Updated 11 months ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆112Updated 6 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆99Updated 3 years ago