Alternatives and similar repositories for idsEventGenerator

Users that are interested in idsEventGenerator are comparing it to the libraries listed below

• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 7 years ago
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆95Updated 3 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 5 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• DynamiteAI / dynamite-nsm
  DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…
  ☆171Updated 2 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆121Updated 4 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 4 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• 401trg / detections
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆122Updated 4 years ago
• stratosphereips / zeek_anomaly_detector
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆81Updated last month
• cert-ee / s4a
  S4A main repository. SaltStack states, install script and build scripts
  ☆26Updated last week
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆36Updated 2 years ago
• gamelinux / prads
  Passive Real-time Asset Detection System
  ☆246Updated last year
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆31Updated last year
• secureworks / flowsynth
  a network packet capture compiler
  ☆202Updated 3 years ago
• Cisco-Talos / file2pcap
  ☆172Updated 4 years ago
• neu5ron / TMInfosec
  Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.
  ☆68Updated last year
• rkovar / dns_detection
  Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration
  ☆37Updated 9 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Updated 2 years ago
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆213Updated 7 years ago
• jsiwek / zeek-cryptomining
  Detect cryptocurrency mining traffic with Zeek.
  ☆46Updated 4 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• corelight / http-stalling-detector
  Detect HTTP stalling attacks like slowloris with Bro
  ☆19Updated 7 years ago
• hosom / file-extraction
  Extract files from network traffic with Zeek.
  ☆102Updated 5 years ago
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆87Updated last year
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• stratosphereips / Manati
  A web-based tool to assist the work of the intuitive threat analysts.
  ☆113Updated 6 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• csirtgadgets / bearded-avenger-deploymentkit
  CIFv3 DeploymentKit
  ☆64Updated 5 years ago