openargus / argus
Argus Sensor
☆61Updated last week
Alternatives and similar repositories for argus:
Users that are interested in argus are comparing it to the libraries listed below
- Argus clients program repo☆22Updated last week
- Open source endpoint agent providing host information to Zeek. [v2]☆77Updated 5 months ago
- Suricata Verification Tests - Testing Suricata Output☆105Updated this week
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆69Updated 2 months ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆176Updated 6 months ago
- The Security Analyst’s Guide to Suricata☆54Updated 10 months ago
- Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)☆23Updated last year
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆87Updated 11 months ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆79Updated 5 months ago
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆55Updated 4 years ago
- Suricata rules for network anomaly detection☆156Updated 2 weeks ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆76Updated 7 months ago
- ☆49Updated 6 years ago
- Plugin providing native AF_Packet support for Zeek.☆34Updated 11 months ago
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆166Updated 3 weeks ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated this week
- Zeek Training Materials/Products☆37Updated last month
- The tool for updating your Suricata rules.☆266Updated 3 months ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆50Updated 2 weeks ago
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number …☆65Updated 5 years ago
- ☆33Updated 2 months ago
- nPrint provides a generalizable data representation for network packets that works directly with machine learning techniques☆109Updated 2 years ago
- Pure python parser for Snort/Suricata rules.☆29Updated last year
- Zeek-Formatted Threat Intelligence Feeds☆358Updated this week
- Red Canary's eBPF Sensor☆103Updated 8 months ago
- Docker files for building Zeek.☆86Updated last year
- Augmentation to Machine Readable CTI☆30Updated 3 weeks ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆49Updated last week
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user defined synthetic attacks.☆62Updated last year