felixe / idsEventGeneratorLinks
aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules
☆22Updated 6 years ago
Alternatives and similar repositories for idsEventGenerator
Users that are interested in idsEventGenerator are comparing it to the libraries listed below
Sorting:
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- malware-traffic-analysis.net PCAPs repository.☆36Updated 8 years ago
- Wireshark plugin to display Suricata analysis info☆94Updated 3 years ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Updated 7 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 8 months ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 5 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 4 years ago
- Top DNS Measurement for Bro☆11Updated 4 years ago
- Potiron - Normalize, Index and Visualize Network Capture☆86Updated 6 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 4 years ago
- A collection of resources for security data☆41Updated 7 years ago
- Detect cryptocurrency mining traffic with Zeek.☆46Updated 4 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆80Updated 9 months ago
- Snorpy is a python script the gives a Gui interface to help those new to snort create rules.☆61Updated 9 months ago
- A set of ICS IDS rules for use with Suricata.☆50Updated last year
- Zeek support for Community ID flow hashing.☆35Updated last year
- Download pcap files from http://www.malware-traffic-analysis.net/☆78Updated 7 years ago
- Web service for scanning pcaps with snort☆109Updated 6 years ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration☆38Updated 9 years ago
- scan-detection policies for bro☆16Updated 4 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- ☆17Updated 5 years ago
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Updated 4 years ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Updated 5 years ago
- PGT allows you to generate pcaps using python without touching the network in any way. It is dependent upon scapy.☆29Updated 3 years ago