Alternatives and similar repositories for auditdBroFramework

Users that are interested in auditdBroFramework are comparing it to the libraries listed below

• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 4 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 8 years ago
• jheise / threatcmd
  Cli interface to threatcrowd.org
  ☆19Updated 8 years ago
• ikoniaris / thug-vagrant
  Vagrant configuration to setup a Thug honeyclient VM
  ☆20Updated 10 years ago
• gamelinux / echidna
  Network Security Monitoring Framework
  ☆47Updated 12 years ago
• chrisbdaemon / beartrap
  ☆19Updated 8 years ago
• Xen0ph0n / MIDAS
  Metadata Inspection Database Alerting System
  ☆42Updated 11 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 8 years ago
• gamelinux / activedns
  An active domain name query tool to help keep track of domain name movements...
  ☆15Updated 4 years ago
• praetorian-inc / dert
  DNS Enumeration and Reconnaissance Tool
  ☆36Updated 9 years ago
• da667 / dns2snort
  AYY LMAO
  ☆22Updated 9 years ago
• wolfpack1 / threatrecon
  API Tools
  ☆27Updated 9 years ago
• hiddenillusion / FileLookup
  Quick & dirty script to get info on a file from online resources (VirusTotal, Team Cymru, Shadow Server etc.)
  ☆30Updated 11 years ago
• clong / vagrant-ids
  An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
  ☆23Updated 7 years ago
• corelan / dnshjmon
  dnshjmon is a free tool to monitor public DNS records and report hijacks
  ☆91Updated 11 years ago
• alexwebr / sshflow
  Proof-of-concept that makes a guess at what applications are being tunneled through an SSH session. It works primarily by analyzing packe…
  ☆10Updated 12 years ago
• cocaman / retefe
  Artefacts from various retefe campaigns
  ☆10Updated 6 years ago
• 0pc0deFR / YaraRules
  Multiple rules for yara-project for detect compiler/packer/protector
  ☆33Updated 5 years ago
• 3nc0d3r / NaishoDeNusumu
  Exfiltration Framework - Exfiltration modeling tool written in Python. Naisho attempts to avoid detection from DLP, IPS/IDS egress filter…
  ☆39Updated 10 years ago
• rj-chap / NFWorkshop
  Network Forensics Workshop Files
  ☆17Updated 10 years ago
• 504ensicsLabs / find_times
  Discover potential timestamps within the Windows Registry
  ☆19Updated 11 years ago
• 0x90 / lpe-arsenal
  Local privilege escalation scripts and tools
  ☆16Updated 8 years ago
• anl-cyberscience / LQMToolset
  Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.
  ☆20Updated 6 years ago
• PidgeyL / MISP-Extractor
  Extract information from MISP via the API
  ☆15Updated 8 years ago
• aboutsecurity / Audit_Host-Baseline
  A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems
  ☆20Updated 11 years ago
• 403labs / recon-ng_modules
  Recon-ng modules that won't get accepted into the main distribution because of 3rd party dependencies.
  ☆18Updated 11 years ago
• cudeso / censys-certif-crawl
  Crawl certificate information from censys
  ☆8Updated 8 years ago
• MITRECND / bulk
  A content inspecting SMTP proxy
  ☆17Updated 11 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 8 years ago