Alternatives and similar repositories for auditdBroFramework

Users that are interested in auditdBroFramework are comparing it to the libraries listed below

• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• alexwebr / sshflow
  Proof-of-concept that makes a guess at what applications are being tunneled through an SSH session. It works primarily by analyzing packe…
  ☆10Updated 11 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 8 years ago
• CIRCL / traceroute-circl
  Traceroute improved wrapper for CSIRT and CERT operators
  ☆38Updated 8 months ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 4 years ago
• udishamir / Domain-Analyzer
  Detect malicious domain, Blablablablabla
  ☆26Updated 8 years ago
• automayt / FlowPlotter
  Generates visualizations from the output of flow tools such as SiLK.
  ☆35Updated 8 years ago
• praetorian-inc / dert
  DNS Enumeration and Reconnaissance Tool
  ☆37Updated 9 years ago
• 1aN0rmus / TekDefense-hashMonitor
  Collect hashes password hashes for cracking
  ☆31Updated 11 years ago
• PaulSec / SSLBlackList
  (Unofficial) Python API for https://sslbl.abuse.ch/
  ☆11Updated 8 years ago
• jheise / threatcmd
  Cli interface to threatcrowd.org
  ☆19Updated 7 years ago
• Xen0ph0n / MIDAS
  Metadata Inspection Database Alerting System
  ☆42Updated 11 years ago
• adulau / passive-dns-atlas
  Passive DNS collection (and statistics) from RIPE Atlas Sensors
  ☆19Updated 8 years ago
• thirdeyeintelligence / Memoirs-of-a-Threat-Hunter
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19Updated 8 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 8 years ago
• t2mune / nield
  A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
  ☆32Updated 8 months ago
• ikoniaris / thug-vagrant
  Vagrant configuration to setup a Thug honeyclient VM
  ☆20Updated 10 years ago
• 0pc0deFR / YaraRules
  Multiple rules for yara-project for detect compiler/packer/protector
  ☆33Updated 5 years ago
• cudeso / censys-certif-crawl
  Crawl certificate information from censys
  ☆8Updated 8 years ago
• jusafing / pnaf
  Passive Network Audit Framework
  ☆32Updated 7 years ago
• Raikia / CredSwissArmy
  DEPRECATED! LOOK AT CREDNINJA! A tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a …
  ☆15Updated 8 years ago
• Rafiot / bgp-ranking
  For an Internet Service Provider, AS numbers are a logical representation of the other ISP peering or communicating with his autonomous s…
  ☆22Updated 9 years ago
• cert-se / megatron-java
  Megatron - A System for Abuse- and Incident Handling
  ☆44Updated 8 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• wolfpack1 / threatrecon
  API Tools
  ☆27Updated 9 years ago
• clong / vagrant-ids
  An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
  ☆23Updated 6 years ago
• sheharbano / Correlation-Framework
  A framework that correlates Bro events
  ☆18Updated 11 years ago
• paralax / BurningDogs
  Honeypot log processor to create OTX Pulse entries
  ☆28Updated last year
• gamelinux / activedns
  An active domain name query tool to help keep track of domain name movements...
  ☆15Updated 4 years ago