Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
☆859Updated this week
Alternatives and similar repositories for StratosphereLinuxIPS
Users that are interested in StratosphereLinuxIPS are comparing it to the libraries listed below
Sorting:
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Mar 12, 2018Updated 7 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆82Aug 5, 2025Updated 6 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,516Jan 12, 2026Updated last month
- The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions.☆33May 24, 2016Updated 9 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆114Feb 9, 2019Updated 7 years ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆485Feb 19, 2026Updated last week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆2,344Feb 19, 2026Updated last week
- A Suricata based NDR distribution☆1,588Sep 13, 2025Updated 5 months ago
- Real-time, container-based file scanning at enterprise scale☆975Updated this week
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆449Jan 16, 2024Updated 2 years ago
- Scirius is a web application for Suricata ruleset management and threat hunting.☆673Dec 23, 2025Updated 2 months ago
- Protocol Analysis/Decoder Framework☆497Dec 19, 2022Updated 3 years ago
- Your Everyday Threat Intelligence☆1,951Feb 12, 2026Updated 2 weeks ago
- FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …☆679Oct 28, 2023Updated 2 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- Detect Tactics, Techniques & Combat Threats☆2,263Jan 21, 2026Updated last month
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- Suricata, Snort and Zeek IDS rule and pcap testing system☆512Feb 17, 2026Updated last week
- Modular file scanning/analysis framework☆622Oct 8, 2019Updated 6 years ago
- This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.☆12Feb 15, 2017Updated 9 years ago
- Fast Incident Response☆1,995Feb 17, 2026Updated last week
- Loki - Simple IOC and YARA Scanner☆3,726Jan 12, 2026Updated last month
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆164Mar 27, 2025Updated 11 months ago
- Tenzir is the data pipeline engine for security teams.☆722Updated this week
- Main Sigma Rule Repository☆10,145Feb 19, 2026Updated last week
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial version☆3,890Jul 25, 2025Updated 7 months ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆195Sep 23, 2024Updated last year
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Nov 19, 2020Updated 5 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,486Jan 12, 2026Updated last month
- Open Source EDR for Windows☆1,297Feb 25, 2023Updated 3 years ago
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system☆1,266Feb 20, 2026Updated last week
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆719Nov 14, 2025Updated 3 months ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆33Aug 30, 2020Updated 5 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆80Sep 13, 2023Updated 2 years ago
- Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run yo…☆3,953Feb 20, 2026Updated last week
- CyCAT.org API back-end server including crawlers☆29Feb 4, 2023Updated 3 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆785Feb 22, 2026Updated last week