Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detection. Many Learning Models are already implemented.
☆28Apr 18, 2018Updated 7 years ago
Alternatives and similar repositories for hogzilla
Users that are interested in hogzilla are comparing it to the libraries listed below
Sorting:
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20May 4, 2016Updated 9 years ago
- Hakabana monitoring tool using Haka, ElastcSearch and Kibana☆20Sep 24, 2014Updated 11 years ago
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- Yara rules I've written☆10Dec 9, 2015Updated 10 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Feb 12, 2020Updated 6 years ago
- Help summarize a PCAP file☆33Dec 27, 2011Updated 14 years ago
- A collection of utilities to help with analysis on the command line.☆18Aug 9, 2024Updated last year
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Feb 9, 2021Updated 5 years ago
- Passive DNS V2☆60Mar 27, 2014Updated 11 years ago
- Ipython notebook that illustrates effectiveness of machine learning algorithms in anomaly detection of netflow data (inbound/outbound DDo…☆80May 7, 2017Updated 8 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- DGA-generated domain detection using deep learning models☆24Nov 21, 2022Updated 3 years ago
- Low-interaction VNC honeypot with a static challenge.☆23Aug 10, 2019Updated 6 years ago
- viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…☆74Aug 13, 2017Updated 8 years ago
- Detection Engineering research, open-source tools, conference presentations, and technical publications shared with the security communit…☆28Dec 17, 2025Updated 2 months ago
- Bro Intel Feed Linter☆26Aug 30, 2019Updated 6 years ago
- ☆30Jul 11, 2018Updated 7 years ago
- Realtime and Online Model Development Framework☆27May 18, 2017Updated 8 years ago
- Meer is a "spooler" for Suricata / Sagan.☆30Jun 21, 2023Updated 2 years ago
- Zeek package to create JSON formatted logs to stream into data analysis systems.☆30Dec 3, 2025Updated 2 months ago
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.☆32Aug 31, 2023Updated 2 years ago
- The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 mon…☆12Apr 27, 2023Updated 2 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Apr 21, 2025Updated 10 months ago
- ☆38Nov 2, 2024Updated last year
- An example for implementation of ssdeep similarity search optimized with elasticsearch☆34Sep 19, 2017Updated 8 years ago
- Real-time Packet Observation Tool☆39Sep 26, 2023Updated 2 years ago
- Rule sets for Sagan☆106Jan 7, 2021Updated 5 years ago
- ☆14Feb 18, 2026Updated last week
- Analysis scripts for the Bro Intrusion Detection System☆59Feb 26, 2014Updated 12 years ago
- A bunch of scripts I use to work with urlscan.io☆35Oct 25, 2019Updated 6 years ago
- Web interface to IntelMQ☆10Sep 10, 2025Updated 5 months ago
- Code repository for MDX with Microsoft SQL Server 2016 Analysis Services Cookbook by Packt☆12Jan 30, 2023Updated 3 years ago
- Script to output Azure IAM permissions and flag any explicit/owner permissions for review☆10May 18, 2020Updated 5 years ago
- Asset inventory of over 800 public bug bounty programs.☆12Jun 12, 2023Updated 2 years ago
- Provides a Learning Tools Interoperability (LTI) integration for creating WordPress blogs with appropriate user roles based on roles set …☆12Mar 17, 2025Updated 11 months ago
- ☆10Dec 5, 2017Updated 8 years ago
- ☆10Dec 11, 2023Updated 2 years ago
- ☆11Jul 19, 2021Updated 4 years ago
- A scanner for DKIM selectors.☆12Nov 5, 2018Updated 7 years ago