Real-time Packet Observation Tool
☆39Sep 26, 2023Updated 2 years ago
Alternatives and similar repositories for rpot2
Users that are interested in rpot2 are comparing it to the libraries listed below
Sorting:
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23May 6, 2016Updated 9 years ago
- It is a platform to use multiprocess to combine dpdk and libnids together to support analyse packets in 10G port.☆39Nov 19, 2014Updated 11 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 6 years ago
- tcp reassembly☆28Feb 15, 2022Updated 4 years ago
- DFIR notebooks GCIH Gold project, paper☆12Apr 30, 2015Updated 10 years ago
- Feed for verious malicious IPs such as malware and botnets☆12Jun 20, 2016Updated 9 years ago
- ☆12Apr 26, 2018Updated 7 years ago
- A dsniff project using bro☆11Jan 25, 2016Updated 10 years ago
- Node scripts to get, filter and import github repo data☆18Jun 25, 2022Updated 3 years ago
- golang helpers to call OS commands☆18Jul 21, 2020Updated 5 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- scan-detection policies for bro☆16Jan 16, 2025Updated last year
- ☆19Mar 31, 2019Updated 6 years ago
- golang tool for #gitflow #semanticversioning #semver #git #cli #versioncontrol #developertool☆16Jun 21, 2023Updated 2 years ago
- The User Activity Logging Engine, or User-ALE, is a logging mechanism used to quantitatively assess the behavioural and cognitive state o…☆13Aug 26, 2016Updated 9 years ago
- ☆19Oct 11, 2017Updated 8 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- Tachikoma is a security alerting framework for human beings☆22Sep 7, 2018Updated 7 years ago
- ☆14Jan 14, 2026Updated last month
- Tranalyzer generates extended netflow-like flow statistics from large pcap files or extensive ethernet interface measurements. It is inte…☆18Nov 14, 2018Updated 7 years ago
- Syslinux menu scripts to put mulitple livecd distributions on a single USB device.☆26Feb 20, 2026Updated 2 weeks ago
- Lua binding to the nDPI library using the LuaJIT FFI☆16Nov 5, 2020Updated 5 years ago
- Hakabana monitoring tool using Haka, ElastcSearch and Kibana☆20Sep 24, 2014Updated 11 years ago
- Plugin providing AF_XDP support for Bro.☆14May 10, 2021Updated 4 years ago
- ☆21Oct 16, 2021Updated 4 years ago
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 4 years ago
- Apply Machine Learning and Game Theory to improve the security of the Turris network of CZ.NIC☆24Sep 24, 2019Updated 6 years ago
- Build Automated Machine Images for MISP☆29Jun 9, 2023Updated 2 years ago
- PhishDetect is a library to help identify phishing pages☆108May 11, 2023Updated 2 years ago
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Mar 5, 2019Updated 7 years ago
- Dockerized Apache Druid for testing and development☆24Jan 24, 2020Updated 6 years ago
- Providing timelines based on OSINT Reports☆31Jun 21, 2023Updated 2 years ago
- Network visualizer tool built using Processing☆24Jun 23, 2021Updated 4 years ago
- pocket guide for core threat hunting concepts☆23May 6, 2020Updated 5 years ago
- Browse Elasticsearch like a filesystem.☆28Aug 19, 2016Updated 9 years ago
- Home to the ActorTrackr source code☆24Jun 21, 2017Updated 8 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- Collection of best practices to add OSINT into MISP and/or MISP communities☆65Sep 29, 2023Updated 2 years ago