ivre / masscanned
Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-hosted alternative to GreyNoise.
☆120Updated last week
Alternatives and similar repositories for masscanned
Users that are interested in masscanned are comparing it to the libraries listed below
Sorting:
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 3 months ago
- LZR quickly detects and fingerprints unexpected services running on unexpected ports.☆173Updated 3 weeks ago
- Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …☆155Updated 11 months ago
- A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.☆226Updated 2 years ago
- HTTP Headers Hashing (HHHash) is a technique used to create a fingerprint of an HTTP server based on the headers it returns.☆76Updated last year
- Signature based honeypot detector tool written in Golang☆93Updated last month
- Hfinger - fingerprinting HTTP requests☆137Updated 2 years ago
- JA4TScan is an active TCP server fingerprinting tool.☆76Updated 8 months ago
- A honeypot for the Log4Shell vulnerability (CVE-2021-44228).☆92Updated 5 months ago
- reveal origins behind reverse proxies & hidden services 👀 🧅 💻☆34Updated last year
- IOK (Indicator Of Kit) is an open source language and ruleset for detecting phishing threat actor tools and tactics☆182Updated 3 weeks ago
- This repository contains a comprehensive list of over 30k dynamic DNS domains as of 2024. The list is provided for informational purposes…☆95Updated 4 months ago
- A fast and secure multi protocol honeypot.☆321Updated 2 years ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated last month
- A phishing kit collector for scavengers☆205Updated last month
- WhiteBeam: Transparent endpoint security☆101Updated 2 years ago
- 🚀 A lightweight, fast, and comprehensive solution for traffic analysis and intrusion detection.☆20Updated this week
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 3 years ago
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆126Updated last year
- SNIcat☆126Updated 3 years ago
- Login Pages Database forms a knowledge base on login pages related to malicious activities (C2 panels, phishing kits...).☆39Updated 2 years ago
- Enhance your malware detection with WAF + YARA (WAFARAY)☆108Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated this week
- T-Pot Attack Map that follows ES honeypot events within T-Pot and parses IPs, ports and honeypot info to visualize events in real time.☆29Updated 6 months ago
- simple YARA-based IOC scanner☆169Updated 3 months ago
- A forensic evidence acquirer☆86Updated 4 years ago
- Data visualization for blue teams☆126Updated 2 years ago
- 🏴☠️💰 Another Ransomware gang tracker☆197Updated this week
- LOKI2 - Simple IOC and YARA Scanner☆93Updated 9 months ago
- NIST-based CVE lookup store and API powered by Rust.☆131Updated last week