Alternatives and similar repositories for totalads:

Users that are interested in totalads are comparing it to the libraries listed below

• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 8 years ago
• chrislee35 / yaratool
  Python libary to normalize Yara signatures
  ☆19Updated 4 years ago
• ktneely / ir-scripts
  Random scripts for log mining, intel gathering, network querying, and other incident response-ish activities
  ☆16Updated 2 years ago
• salspaugh / splparser
  Simple parser for Splunk Processing Language (SPL) written in Python.
  ☆35Updated 6 years ago
• cameling / logminer
  Mine patterns from logs
  ☆27Updated 8 years ago
• fredtheranger / network-visualizaton-tool
  Network forensics tool to parse pcap and provide visualizations using D3.js
  ☆15Updated 11 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• MalwareSoup / sysmon2neo4j
  ☆15Updated 7 years ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated 10 months ago
• morrigan / user-behavior-anomaly-detector
  User anomaly detector based on logs generated by Osquery framework and machine learning to process those logs.
  ☆33Updated 7 years ago
• 0xrawsec / gene-rules
  ☆39Updated 2 years ago
• farsightsec / sie-dns-sensor
  Debian and Red Hat packaging for SIE DNS sensor
  ☆15Updated last year
• g-clef / KafkaLogger
  Logging plugin to bro to send logs to a Kafka broker
  ☆20Updated 7 years ago
• bigsnarfdude / machineLearning
  POC IDS anomaly detection engine built with iPython notebook, matplotlib, pandas, numpy, scikit-learn, d3.js, hyperloglog implementation,…
  ☆79Updated 10 years ago
• CIRCL / ssdc
  ssdeep based clustering tool
  ☆14Updated 9 years ago
• abhinavbom / Yara-Rules
  A collection of Yara rules I have created so far
  ☆16Updated 4 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 4 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• eSentire / malfeed
  Feed for verious malicious IPs such as malware and botnets
  ☆12Updated 8 years ago
• ssallys / p3
  An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.
  ☆43Updated 11 years ago
• 9b / pcap_tools
  Help summarize a PCAP file
  ☆33Updated 13 years ago
• pauloangelo / hogzilla
  Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…
  ☆28Updated 6 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆24Updated 8 years ago
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 4 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 7 years ago
• nccgroup / JA3_outlier
  Incremental Machine Leaning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes
  ☆15Updated 2 years ago
• cloudjunky / malware-traffic
  Download all packet captures from http://malware-traffic-analysis.net/
  ☆20Updated 10 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago
• blazeinfosec / Flame
  Flame - Send vulnerabilities reports to SIEM
  ☆15Updated 8 years ago
• Phoul / yara_rules
  yara rules for crypto detection
  ☆30Updated 10 years ago