Alternatives and similar repositories for PCAP-Index:

Users that are interested in PCAP-Index are comparing it to the libraries listed below

• Phoul / yara_rules
  yara rules for crypto detection
  ☆30Updated 10 years ago
• hempnall / broyara
  integrating bro into yara
  ☆33Updated 10 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• anthonykasza / scratch_pad
  Bro Snippets
  ☆21Updated 10 years ago
• automayt / FlowPlotter
  Generates visualizations from the output of flow tools such as SiLK.
  ☆35Updated 8 years ago
• 0pc0deFR / YaraRules
  Multiple rules for yara-project for detect compiler/packer/protector
  ☆33Updated 5 years ago
• ring0x0 / honeydrops
  An automated collection and analysis of malware from my honeypots.
  ☆25Updated 7 years ago
• MITRECND / htpy
  Python bindings to libhtp
  ☆30Updated 4 years ago
• mschiffm / cppip
  The Compressed Pcap Packet Indexing Program
  ☆27Updated 9 years ago
• JustinAzoff / flow-indexer
  Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
  ☆44Updated 10 months ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 8 years ago
• paralax / BurningDogs
  Honeypot log processor to create OTX Pulse entries
  ☆29Updated last year
• zeek / time-machine
  Time-Machine Dynamic Bulk Packet Recorder
  ☆36Updated last year
• ncsa / bro-simple-scan
  ☆15Updated 10 months ago
• stratosphereips / whois-similarity-distance
  This python scripts can calculate the WHOIS Similarity Distance between two given domains.
  ☆30Updated 2 years ago
• binarlyhq / binarly-query
  Command-line Interface for Binar.ly
  ☆37Updated 8 years ago
• CrySyS / membrane
  Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis
  ☆42Updated 8 years ago
• g-clef / KafkaLogger
  Logging plugin to bro to send logs to a Kafka broker
  ☆20Updated 7 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• MITRECND / yaraprocessor
  Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.
  ☆97Updated 10 years ago
• SuperCowPowers / old-workbench-archived
  Workbench: A scalable python framework for security research and development teams.
  ☆91Updated 5 years ago
• Kafeine / public
  ☆19Updated 6 years ago
• haka-security / hakabana
  Hakabana monitoring tool using Haka, ElastcSearch and Kibana
  ☆20Updated 10 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago
• jheise / threatcmd
  Cli interface to threatcrowd.org
  ☆19Updated 7 years ago
• initconf / scan-NG
  scan-detection policies for bro
  ☆15Updated last month
• xme / mime2vt
  Unpack MIME attachments from a file and check them against virustotal.com
  ☆45Updated 9 years ago
• chrislee35 / yaratool
  Python libary to normalize Yara signatures
  ☆19Updated 4 years ago
• sethhall / bro-apt1
  This is a script module for Bro that encapsulates and detects activity related to the Mandiant APT1 report.
  ☆47Updated 11 years ago
• Mipu94 / BroIDS_Unicorn
  simple plugin to detect shellcode on Bro IDS with Unicorn
  ☆33Updated 8 years ago