satta / gommunityidLinks
Go implementation of the Community ID flow hashing standard
☆20Updated 4 months ago
Alternatives and similar repositories for gommunityid
Users that are interested in gommunityid are comparing it to the libraries listed below
Sorting:
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated last year
- Bro analyzer that detects Google's QUIC protocol☆10Updated 4 years ago
- Recog-Go: Pattern Recognition using Rapid7 Recog☆115Updated 2 years ago
- Zeek package to generate a SMB client fingerprint☆27Updated 5 years ago
- Suricata rule and intel index☆31Updated last month
- How to Zeek Sysmon Logs!☆102Updated 3 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆55Updated 4 months ago
- A lightweight tool to score network traffic and flag anomalies☆123Updated last year
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- This repository contains tools used by 401trg.☆20Updated 4 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆31Updated 11 months ago
- DHCP Fingerprinting☆29Updated 4 years ago
- Golang based web service to scan files with yara rules☆26Updated 8 years ago
- Check IOC provided by a MISP instance on Suricata events☆18Updated 6 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆36Updated 2 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 3 years ago
- enpoint detection / live analysis & sandbox host / signatures quality test☆44Updated 4 years ago
- A Go implementation of JARM☆119Updated 3 years ago
- A cyber threat intelligence server based on TAXII 2 and written in Golang☆31Updated 5 years ago
- APIs for generating STIX 2.1 and TAXII 2.1 messages with Go (Golang)☆54Updated 8 months ago
- ☆12Updated 3 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆43Updated 8 years ago
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆94Updated last year
- ☆41Updated 2 years ago
- A Spicy protocol analyzer for WireGuard☆29Updated 5 years ago
- Bro PCAP Processing and Tagging API☆28Updated 7 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆121Updated 4 years ago
- server for indexing and querying passive DNS observations☆47Updated last month
- simple YARA-based IOC scanner☆169Updated 3 weeks ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆79Updated 2 months ago