Alternatives and similar repositories for linux-malware-detect

Users that are interested in linux-malware-detect are comparing it to the libraries listed below

• Tripwire / tripwire-open-source
  Open Source Tripwire®
  ☆921Updated last year
• extremeshok / clamav-unofficial-sigs
  ClamAV Unofficial Signatures Updater maintained by eXtremeSHOK.com
  ☆538Updated 2 years ago
• mrash / psad
  psad: Intrusion Detection and Log Analysis with iptables
  ☆416Updated 2 years ago
• ossec / ossec-hids
  OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, roo…
  ☆5,004Updated last year
• StamusNetworks / Clear-NDR-ISO
  A Suricata based NDR distribution
  ☆1,586Updated 4 months ago
• jvoisin / php-malware-finder
  Detect potentially malicious PHP files
  ☆1,477Updated 2 years ago
• shirkdog / pulledpork
  Pulled Pork for Snort and Suricata rule management (from Google code)
  ☆442Updated 4 years ago
• firehol / firehol
  A firewall for humans...
  ☆1,567Updated 6 months ago
• zecure / shadowd
  The Shadow Daemon web application firewall server
  ☆305Updated 3 years ago
• wazuh / wazuh-ruleset
  Wazuh - Ruleset
  ☆499Updated last year
• pwnlandia / mhn
  Modern Honey Network
  ☆2,467Updated last year
• DinoTools / dionaea
  Home of the dionaea honeypot
  ☆787Updated last year
• desaster / kippo
  Kippo - SSH Honeypot
  ☆1,708Updated 2 years ago
• OpenSCAP / openscap
  NIST Certified SCAP 1.2 toolkit
  ☆1,642Updated last week
• a2o / snoopy
  Snoopy Command Logger is a small library that logs all program executions on your Linux/BSD system.
  ☆1,277Updated last year
• mushorg / glastopf
  Web Application Honeypot
  ☆593Updated last year
• Neo23x0 / Loki
  Loki - Simple IOC and YARA Scanner
  ☆3,705Updated last week
• gamelinux / passivedns
  A network sniffer that logs all DNS server replies for use in a passive DNS setup
  ☆1,731Updated last year
• mikesplain / openvas-docker
  A Docker container for Openvas
  ☆779Updated last year
• Neo23x0 / auditd
  Best Practice Auditd Configuration
  ☆1,739Updated last month
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆672Updated 3 weeks ago
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆480Updated last week
• ovh / debian-cis
  PCI-DSS compliant Debian 11/12 hardening
  ☆972Updated 2 weeks ago
• Security-Onion-Solutions / security-onion
  Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
  ☆3,109Updated 4 years ago
• toolswatch / vFeed
  The Correlated CVE Vulnerability And Threat Intelligence Database API
  ☆945Updated 4 years ago
• certtools / intelmq
  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
  ☆1,106Updated last month
• seccubus / seccubus
  Easy automated vulnerability scanning, reporting and analysis
  ☆709Updated 6 years ago
• buffer / thug
  Python low-interaction honeyclient
  ☆1,020Updated last week
• tomchop / malcom
  Malcom - Malware Communications Analyzer
  ☆1,165Updated 8 years ago
• stamparm / ipsum
  Daily feed of bad IPs (with blacklist hit scores)
  ☆2,147Updated this week