Alternatives and similar repositories for sf-apis:

Users that are interested in sf-apis are comparing it to the libraries listed below

• sysflow-telemetry / sf-collector
  SysFlow collection probe
  ☆16Updated 4 months ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• sysflow-telemetry / sysflow
  SysFlow documentation and issues tracker
  ☆46Updated 7 months ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 3 years ago
• endgameinc / eqllib
  ☆164Updated 4 years ago
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆31Updated 10 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆80Updated this week
• LiamRandall / bro-scripts
  Bro scripts to be shared with the community
  ☆109Updated 12 years ago
• beave / sagan-rules
  Rule sets for Sagan
  ☆103Updated 4 years ago
• endgameinc / eql
  ☆219Updated last year
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆102Updated 3 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• baronpan / SysmonHunter
  An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
  ☆201Updated 3 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• 401trg / detections
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆121Updated 4 years ago
• dgunter / evtxtoelk
  A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
  ☆116Updated 4 years ago
• zeek / zeek-af_packet-plugin
  Plugin providing native AF_Packet support for Zeek.
  ☆34Updated last year
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆94Updated 3 years ago
• oasis-open / cti-stix-elevator
  OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
  ☆50Updated last year
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆57Updated 3 years ago
• zeek / zeekctl
  Tool for managing Zeek deployments.
  ☆56Updated 2 weeks ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆92Updated 6 years ago
• apache / metron-bro-plugin-kafka
  Apache Metron
  ☆59Updated 4 years ago
• OTRF / detection-hackathon-apt29
  Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
  ☆137Updated 4 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆70Updated 3 weeks ago
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆86Updated last year
• ozuriexv / SublimeSuricata
  ☆35Updated last year
• tatsuiman / malware-traffic-analysis.net
  Download pcap files from http://www.malware-traffic-analysis.net/
  ☆75Updated 7 years ago