Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
☆861Mar 17, 2026Updated this week
Alternatives and similar repositories for StratosphereLinuxIPS
Users that are interested in StratosphereLinuxIPS are comparing it to the libraries listed below
Sorting:
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Mar 12, 2018Updated 8 years ago
- The Attacker IP Prioritizer(AIP) dynamically generates resource-friendly IPv4 blocklists from Zeek network flows.☆32Nov 13, 2024Updated last year
- A completely automated anomaly detector Zeek network flows files (conn.log).☆82Aug 5, 2025Updated 7 months ago
- This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.☆12Feb 15, 2017Updated 9 years ago
- The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions.☆33May 24, 2016Updated 9 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆114Feb 9, 2019Updated 7 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆451Updated this week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,516Jan 12, 2026Updated 2 months ago
- Scirius is a web application for Suricata ruleset management and threat hunting.☆675Dec 23, 2025Updated 2 months ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆485Updated this week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆2,362Feb 19, 2026Updated last month
- Real-time, container-based file scanning at enterprise scale☆978Mar 6, 2026Updated 2 weeks ago
- Protocol Analysis/Decoder Framework☆497Dec 19, 2022Updated 3 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- A Suricata based NDR distribution☆1,588Sep 13, 2025Updated 6 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆165Updated this week
- FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …☆681Oct 28, 2023Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Nov 19, 2020Updated 5 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆90Mar 2, 2026Updated 2 weeks ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆511Mar 13, 2026Updated last week
- Your Everyday Threat Intelligence☆1,959Updated this week
- A network packet forensics tool for SSH☆254Feb 15, 2021Updated 5 years ago
- Main Sigma Rule Repository☆10,203Mar 15, 2026Updated last week
- Detect Tactics, Techniques & Combat Threats☆2,268Jan 21, 2026Updated 2 months ago
- Core information on Stratosphere's participation on the Google Summer of Code Program☆27Mar 19, 2024Updated 2 years ago
- Snort/Suricata DAQ module with DPDK patch☆11Apr 10, 2024Updated last year
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆172May 23, 2023Updated 2 years ago
- A tool to automatically decode and translate any TCP hexa payload data form any language to english.☆18Apr 23, 2022Updated 3 years ago
- Modular file scanning/analysis framework☆622Oct 8, 2019Updated 6 years ago
- Fast Incident Response☆1,999Mar 5, 2026Updated 2 weeks ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- Open Source EDR for Windows☆1,296Feb 25, 2023Updated 3 years ago
- Tenzir is the data pipeline engine for security teams.☆727Updated this week
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- A Cyber Range to learn hacking (both attacking & defending) techniques locally in your computer☆131Mar 12, 2026Updated last week
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆194Sep 23, 2024Updated last year
- NFStream: a Flexible Network Data Analysis Framework.☆1,198Feb 15, 2026Updated last month
- Loki - Simple IOC and YARA Scanner☆3,733Jan 12, 2026Updated 2 months ago