Alternatives and similar repositories for sniffles:

Users that are interested in sniffles are comparing it to the libraries listed below

• bez0r / pDNS2
  Passive DNS V2
  ☆61Updated 11 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 4 years ago
• fl0x2208 / Memoirs-of-a-Threat-Hunter
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19Updated 7 years ago
• HPE-AppliedSecurityResearch / maltese
  Maltese - Malware Traffic Emulator
  ☆26Updated 8 years ago
• kost / docker-moloch
  A Docker container for Moloch based on minimal Debian
  ☆26Updated 9 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• kevthehermit / YaraPcap
  Process HTTP Pcaps With YARA
  ☆102Updated 11 years ago
• jusafing / pnaf
  Passive Network Audit Framework
  ☆32Updated 6 years ago
• RamadhanAmizudin / python-icap-yara
  An ICAP Server with yara scanner for URL and content.
  ☆59Updated 3 months ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• paralax / BurningDogs
  Honeypot log processor to create OTX Pulse entries
  ☆28Updated last year
• fireeye / brocapi
  Bro PCAP Processing and Tagging API
  ☆28Updated 7 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• armedpot / honeytrap
  Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
  ☆43Updated 3 years ago
• PolitoInc / Yara-Scanner
  Yara intergrated into BurpSuite
  ☆46Updated 8 years ago
• mpars0ns / scansio-sonar-es
  Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching
  ☆33Updated 8 years ago
• IllusiveNetworks-Labs / HistoricProcessTree
  An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…
  ☆60Updated 7 years ago
• Beercow / ProcDOT-Plugins
  Plugins to add funtionality to ProcDOT. http://www.procdot.com
  ☆23Updated last year
• treussart / ProbeManager
  Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...
  ☆72Updated 5 years ago
• farsightsec / sie-dns-sensor
  Debian and Red Hat packaging for SIE DNS sensor
  ☆15Updated last year
• ncsa / bro-simple-scan
  ☆14Updated 11 months ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated last year
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 7 years ago
• joesecurity / Joe-Sandbox-Bro
  JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox
  ☆44Updated 5 years ago
• johnnykv / mnemosyne
  Normalizer for honeypot data.
  ☆45Updated 9 years ago
• c-APT-ure / my-public-stuff
  repo for sharing stuff
  ☆16Updated last year
• cert-se / megatron-java
  Megatron - A System for Abuse- and Incident Handling
  ☆44Updated 8 years ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆27Updated 4 years ago
• WeaverHeavy / Threat-Intelligence-Tradecraft
  ☆27Updated 7 years ago