Alternatives and similar repositories for zeek_anomaly_detector

Users that are interested in zeek_anomaly_detector are comparing it to the libraries listed below

• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆72Updated 5 years ago
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆62Updated last year
• vlegoy / rcATT
  A python app to predict Att&ck tactics and techniques from cyber threat reports
  ☆127Updated 2 years ago
• hgascon / security-datasets
  A collection of resources for security data
  ☆41Updated 8 years ago
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆45Updated 6 years ago
• elcabezzonn / Pcaps
  ☆54Updated last year
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆42Updated 2 years ago
• MISP / misp-objects
  Definition, description and relationship types of MISP objects
  ☆103Updated 2 weeks ago
• Kirtar22 / ATTACK-Threat_Intel
  Graph Representation of MITRE ATT&CK's CTI data
  ☆50Updated 6 years ago
• neu5ron / TMInfosec
  Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.
  ☆69Updated last month
• yukh1402 / cti-stix-diamond-activity-attack-graph
  STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling
  ☆33Updated 11 months ago
• fhightower / ioc-finder
  Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…
  ☆177Updated 2 years ago
• tatsuiman / malware-traffic-analysis.net
  Download pcap files from http://www.malware-traffic-analysis.net/
  ☆80Updated 7 years ago
• cmu-sei / cyobstract
  A tool to extract structured cyber information from incident reports.
  ☆82Updated 7 years ago
• freetaxii / stix2-graphics
  Graphics, icons, and diagrams to support STIX 2
  ☆47Updated 4 years ago
• zeek / zeek-training
  Zeek Training Materials/Products
  ☆40Updated this week
• unfetter-discover / unfetter-insight
  Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.
  ☆20Updated 7 years ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Updated 4 years ago
• smartgridadsc / Goose-protocol-parser-for-Zeek-IDS
  ☆22Updated 3 years ago
• amzn / zeek-plugin-enip
  Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards
  ☆46Updated last year
• idaholab / STIG
  Structured Threat Intelligence Graph
  ☆97Updated last month
• FiveDirections / OpTC-data
  ☆126Updated 5 years ago
• 401trg / detections
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆122Updated 4 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Updated 3 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆37Updated 2 years ago
• s-tip / stip-common
  Seamless Threat Intelligence Platform
  ☆47Updated last year
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆159Updated 8 months ago
• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 7 years ago
• MISP / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆105Updated last year