Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detection. Many Learning Models are already implemented.
☆28Apr 18, 2018Updated 7 years ago
Alternatives and similar repositories for hogzilla
Users that are interested in hogzilla are comparing it to the libraries listed below
Sorting:
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20May 4, 2016Updated 9 years ago
- Hakabana monitoring tool using Haka, ElastcSearch and Kibana☆20Sep 24, 2014Updated 11 years ago
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- Yara rules I've written☆10Dec 9, 2015Updated 10 years ago
- Help summarize a PCAP file☆33Dec 27, 2011Updated 14 years ago
- Agentless network interfaces monitor for GNU/Linux firewalls/servers☆17Apr 4, 2017Updated 8 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Feb 12, 2020Updated 6 years ago
- A collection of utilities to help with analysis on the command line.☆18Aug 9, 2024Updated last year
- Passive DNS V2☆60Mar 27, 2014Updated 11 years ago
- ☆13Nov 30, 2015Updated 10 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Feb 9, 2021Updated 5 years ago
- CLI tool for testing Office documents with macros using MaliciousMacroBot☆12Dec 3, 2023Updated 2 years ago
- Minimalistic WebUI for passiveDNS tool☆18May 6, 2021Updated 4 years ago
- nfsinkhole is a Python library and scripts for setting up a Linux server as a sinkhole (monitor, log/capture, and drop all traffic to a s…☆12Apr 8, 2017Updated 8 years ago
- Meer is a "spooler" for Suricata / Sagan.☆30Jun 21, 2023Updated 2 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Apr 21, 2025Updated 11 months ago
- Analysis scripts for the Bro Intrusion Detection System☆59Feb 26, 2014Updated 12 years ago
- Graphical analysis of PDF structure.☆13Jan 9, 2017Updated 9 years ago
- Feed for verious malicious IPs such as malware and botnets☆12Jun 20, 2016Updated 9 years ago
- ☆11Jul 19, 2021Updated 4 years ago
- Zeek package to create JSON formatted logs to stream into data analysis systems.☆30Dec 3, 2025Updated 3 months ago
- Realtime and Online Model Development Framework☆27May 18, 2017Updated 8 years ago
- ☆38Nov 2, 2024Updated last year
- ☆15Updated this week
- Modified edition of cuckoo☆18Feb 14, 2018Updated 8 years ago
- Rusticata: Rust parsers for Suricata (test code)☆101Aug 26, 2024Updated last year
- An R package implementing the NetEMD and NetDis network comparison measures☆14Jun 9, 2022Updated 3 years ago
- ☆12Apr 26, 2018Updated 7 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Aug 13, 2017Updated 8 years ago
- Real-time Packet Observation Tool☆39Sep 26, 2023Updated 2 years ago
- Go 2 Node.js Addon C++ bindings generator☆13Nov 23, 2017Updated 8 years ago
- Bro Intel Feed Linter☆26Aug 30, 2019Updated 6 years ago
- Argus is a system and network monitoring application☆14Jan 16, 2020Updated 6 years ago
- DPDK-based packet capture tool☆236Jun 2, 2023Updated 2 years ago
- Neo4j graphviz visualization☆12Apr 27, 2011Updated 14 years ago
- Scripts, tools, and proof-of-concepts to aid in a penetration test.☆23May 11, 2016Updated 9 years ago
- Apache Metron☆60Oct 8, 2020Updated 5 years ago
- Put GeoIP database in Redis☆46May 4, 2015Updated 10 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago