Alternatives and similar repositories for sf-apis:

Users that are interested in sf-apis are comparing it to the libraries listed below

• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆16Updated last month
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆69Updated 4 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 3 years ago
• sysflow-telemetry / sysflow
  SysFlow documentation and issues tracker
  ☆46Updated 5 months ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆100Updated 3 years ago
• zeek / zeek-af_packet-plugin
  Plugin providing native AF_Packet support for Zeek.
  ☆34Updated 10 months ago
• zeek / zeekctl
  Tool for managing Zeek deployments.
  ☆54Updated last week
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆100Updated 2 years ago
• zeek / zeek-training
  Zeek Training Materials/Products
  ☆37Updated this week
• 401trg / detections
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆121Updated 3 years ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆92Updated 6 years ago
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆43Updated 6 years ago
• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆76Updated last month
• endgameinc / eqllib
  ☆160Updated 4 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 3 weeks ago
• Javierop20 / joy2ja3
  Python tool for converting from joy format to JA3 format SSL/TLS hashes
  ☆11Updated 4 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated last year
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆104Updated this week
• OTRF / detection-hackathon-apt29
  Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
  ☆137Updated 4 years ago
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆86Updated last year
• fireeye / OpenIOC_1.1
  ☆128Updated 3 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆102Updated 3 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• zeek / packages
  The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
  ☆134Updated 3 weeks ago
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆207Updated 6 years ago
• socprime / SigmaUI
  SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
  ☆185Updated 3 years ago
• baronpan / SysmonHunter
  An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
  ☆201Updated 2 years ago