Improvements of/over the original rule2alert
☆56Dec 28, 2014Updated 11 years ago
Alternatives and similar repositories for rule2alert
Users that are interested in rule2alert are comparing it to the libraries listed below
Sorting:
- ☆16Dec 26, 2022Updated 3 years ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆284Jul 10, 2025Updated 7 months ago
- domain information in JSON format☆10Jun 7, 2017Updated 8 years ago
- Independent file type identification python library☆12Mar 16, 2023Updated 2 years ago
- Dump and parse embedded certificates from Windows binaries☆11Jan 3, 2012Updated 14 years ago
- Windows Trollware and Persistence Script☆13Sep 16, 2015Updated 10 years ago
- NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure☆15Mar 14, 2014Updated 11 years ago
- Wireshark plugin to display Suricata analysis info☆94Nov 5, 2021Updated 4 years ago
- FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching s…☆30Nov 26, 2024Updated last year
- A 'Universal WHOIS' proxy server - you query it, it gives back the correct details☆42Nov 29, 2025Updated 3 months ago
- ☆17Mar 22, 2018Updated 7 years ago
- A tool to generate yara signatures from function blocks☆19Dec 8, 2014Updated 11 years ago
- Python libary to normalize Yara signatures☆19Oct 9, 2020Updated 5 years ago
- All Zero Nights 2016 'A threat hunter himself' stuff☆16Nov 18, 2016Updated 9 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- Checks with NSRL RDS servers looking for for hash matches☆114Feb 26, 2021Updated 5 years ago
- ☆20Feb 3, 2024Updated 2 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.☆17Feb 8, 2015Updated 11 years ago
- Bro integration with osquery☆15Mar 24, 2023Updated 2 years ago
- A Java library for handling TAXII Messages and invoking TAXII Services.☆20Mar 27, 2019Updated 6 years ago
- Carve Windows Prefetch files from arbitrary binary data☆16Jun 11, 2017Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Mar 26, 2016Updated 9 years ago
- Packetyzer is a high level library for C++ designed to make easier the forging and decoding of network packets. It has the ability to dec…☆52Sep 4, 2014Updated 11 years ago
- Tool for dropping malware from EK☆40Feb 9, 2018Updated 8 years ago
- Malicious HTTP traffic explorer☆723Mar 16, 2023Updated 2 years ago
- Fast Advanced Spam Analysis Tool☆306Aug 6, 2025Updated 6 months ago
- Code examples from recent blog posts by minerva labs.☆45Jan 26, 2019Updated 7 years ago
- A curated list of tools for incident response☆21Sep 24, 2019Updated 6 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23May 6, 2016Updated 9 years ago
- ☆16Jan 31, 2015Updated 11 years ago
- Script for generating Bro intel files from pdf or html reports☆77Dec 7, 2015Updated 10 years ago
- netflow 2 kafka translator☆19Nov 8, 2023Updated 2 years ago
- pure Python binary analysis framework☆23Oct 26, 2018Updated 7 years ago
- Tools developed to test the Redirect to SMB issue☆84Jun 2, 2015Updated 10 years ago
- Red Canary Carbon Black API☆20Jan 30, 2016Updated 10 years ago
- ☆47Nov 18, 2015Updated 10 years ago
- Python tools for IOC (Indicator of Compromise) handling☆96Nov 25, 2021Updated 4 years ago