felixe / idsEventGeneratorLinks
aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules
☆22Updated 7 years ago
Alternatives and similar repositories for idsEventGenerator
Users that are interested in idsEventGenerator are comparing it to the libraries listed below
Sorting:
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 7 years ago
- Passive Real-time Asset Detection System☆249Updated last year
- Utility for parsing Bro log files into CSV or JSON format☆42Updated 2 years ago
- a network packet capture compiler☆205Updated 3 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 7 years ago
- S4A main repository. SaltStack states, install script and build scripts☆27Updated last week
- A website and framework for testing NIDS detection☆57Updated 4 years ago
- Mapping NSM rules to MITRE ATT&CK☆73Updated 5 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 9 years ago
- Web service for scanning pcaps with snort☆110Updated 7 years ago
- ☆174Updated 4 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Updated 5 years ago
- Suricata Extreme Performance Tuning guide☆214Updated 7 years ago
- Zeek support for Community ID flow hashing.☆37Updated 2 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Updated 4 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆171Updated 2 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Updated 8 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆82Updated 4 months ago
- Bro/Zeek integration with osquery☆94Updated 5 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Updated last month
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated last year
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆122Updated 4 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆69Updated last month
- Expandable Defensive Cyber Operations Platform☆43Updated 3 years ago
- A set of ICS IDS rules for use with Suricata.☆50Updated 2 years ago
- Zeek IDS Dockerfile☆101Updated 3 years ago
- Suricata Extreme Performance Tuning guide - Mark II☆121Updated 7 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 4 years ago