ivre / masscanned
Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-hosted alternative to GreyNoise.
☆120Updated 3 weeks ago
Alternatives and similar repositories for masscanned:
Users that are interested in masscanned are comparing it to the libraries listed below
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆140Updated 2 months ago
- Signature based honeypot detector tool written in Golang☆91Updated last month
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection☆158Updated 2 years ago
- LZR quickly detects and fingerprints unexpected services running on unexpected ports.☆172Updated 2 months ago
- WhiteBeam: Transparent endpoint security☆100Updated 2 years ago
- A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.☆224Updated 2 years ago
- This repository contains a comprehensive list of over 30k dynamic DNS domains as of 2024. The list is provided for informational purposes…☆93Updated 4 months ago
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆76Updated last year
- Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …☆153Updated 10 months ago
- Honeyscanner: A vulnerability analyzer for honeypots☆38Updated 8 months ago
- A fast and secure multi protocol honeypot.☆317Updated 2 years ago
- Threat Intel Platform for T-POTs☆145Updated this week
- Enhance your malware detection with WAF + YARA (WAFARAY)☆108Updated 2 years ago
- File analysis and management framework.☆82Updated last year
- Hfinger - fingerprinting HTTP requests☆137Updated last year
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated 2 weeks ago
- Network Entity Reputation Database☆34Updated 2 months ago
- JA4TScan is an active TCP server fingerprinting tool.☆73Updated 7 months ago
- IOK (Indicator Of Kit) is an open source language and ruleset for detecting phishing threat actor tools and tactics☆178Updated this week
- A distributed nmap / masscan scanning framework complete with scan scheduling, engine pooling, subsequent scan port diff-ing, and an API …☆167Updated 3 years ago
- HASH (HTTP Agnostic Software Honeypot)☆139Updated 11 months ago
- NIST-based CVE lookup store and API powered by Rust.☆130Updated 3 weeks ago
- High Interaction Honeypot Solution for Redis protocol☆24Updated 4 years ago
- 🚀 A lightweight, fast, and comprehensive solution for traffic analysis and intrusion detection.☆20Updated this week
- T-Pot Attack Map that follows ES honeypot events within T-Pot and parses IPs, ports and honeypot info to visualize events in real time.☆28Updated 5 months ago
- SNIcat☆126Updated 3 years ago
- LOKI2 - Simple IOC and YARA Scanner☆92Updated 8 months ago
- Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).☆39Updated 2 years ago
- CLI tool to quickly and efficiently bulk-download entries from a Certificate Transparency log☆32Updated this week
- quicmap is a simple yet quic (!) QUIC protocol scanner☆85Updated last year