sshahriyar / totaladsLinks
Total Anomaly Detection System for software logs and traces
☆10Updated 9 years ago
Alternatives and similar repositories for totalads
Users that are interested in totalads are comparing it to the libraries listed below
Sorting:
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20Updated 9 years ago
- Mine patterns from logs☆27Updated 8 years ago
- The Auditd Framework logs and applies security policy to linux auditd data☆15Updated 7 years ago
- • Packet capture (PCAP) file analysis to analyze traffic sent by malicious IP address.☆12Updated 10 years ago
- Zeek script library for getting the effective TLD of a domain.☆14Updated last year
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 9 years ago
- Set of scripts to index PCAP files and retrieve packets☆14Updated 9 years ago
- Simple parser for Splunk Processing Language (SPL) written in Python.☆35Updated 7 years ago
- Getting Started with ELK☆50Updated 9 years ago
- pcapdj - dispatch pcap files☆46Updated 4 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago
- An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.☆44Updated 11 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 5 years ago
- dns logger for passive dns collection☆42Updated 13 years ago
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent☆12Updated 8 years ago
- ☆15Updated 7 years ago
- Network Forensics Workshop Files☆17Updated 10 years ago
- A preprocessor module for Snort that uses ML algorithms for pruning, clustering and finding correlation between alerts☆31Updated 6 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆34Updated 4 years ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated last year
- automatic enumeration and maintenance of Suricata monitoring interfaces☆11Updated 5 years ago
- Network visualizer tool built using Processing☆24Updated 4 years ago
- CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set and forget service that will send you a daily report …☆10Updated 4 years ago
- A cyber threat intelligence server based on TAXII 2 and written in Golang☆30Updated 5 years ago
- Integration between SIEMs and TAXII services☆10Updated 2 years ago
- Generates visualizations from the output of flow tools such as SiLK.☆35Updated 8 years ago
- Flame - Send vulnerabilities reports to SIEM☆15Updated 8 years ago
- ☆14Updated last year
- Python libary to normalize Yara signatures☆19Updated 4 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆43Updated 8 years ago