Alternatives and similar repositories for apps:

Users that are interested in apps are comparing it to the libraries listed below

• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆75Updated last year
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 8 years ago
• rsabir / bro-dsniff
  A dsniff project using bro
  ☆10Updated 9 years ago
• 0x4D31 / Presentations
  Some of the presentations given by me
  ☆18Updated 3 months ago
• zmap / pybulkwhois
  Python framework for manipulating bulk WHOIS data from RIRs
  ☆20Updated 2 years ago
• team-cymru / iocs
  We publish indicators of compromise related to our stories here. See https://blog.team-cymru.com/ for more information.
  ☆9Updated 3 years ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆88Updated this week
• upa / ofpot
  OpenFlow Honeypot
  ☆23Updated 12 years ago
• redBorder / daq
  Snort/Suricata DAQ module with DPDK patch
  ☆11Updated 10 months ago
• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆78Updated 5 years ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆32Updated 5 months ago
• caesar0301 / pcapdpi
  Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…
  ☆23Updated 8 years ago
• jheise / yarascanner
  Golang based web service to scan files with yara rules
  ☆27Updated 7 years ago
• sdnewhop / sdwan-harvester
  Automatically enumerate and fingerprint SD-WAN nodes on the internet
  ☆50Updated 3 years ago
• farsightsec / dnstable
  encoding format, library, and utilities for passive DNS data
  ☆26Updated 11 months ago
• stratosphereips / StratosphereLibSlips
  This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.
  ☆12Updated 8 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆68Updated 9 months ago
• SpiderLabs / ModSecurity-pcap
  The ModSecurity Pcap Connector
  ☆26Updated 9 years ago
• t2mune / nield
  A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
  ☆32Updated 4 months ago
• c2defense / network-device-logs
  Analytics for Accounting logs from Network devices
  ☆17Updated 3 years ago
• logstash-plugins / logstash-codec-nmap
  NMap XML decoding for logstash
  ☆28Updated 2 years ago
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆31Updated 8 months ago
• trisulnsm / bitmaul
  A Lua helper library for creating network protocol dissectors
  ☆13Updated 4 years ago
• tintinweb / scapy-ssh
  ssh key exchange layer for scapy
  ☆13Updated 10 years ago
• D4-project / IPASN-History
  IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date
  ☆91Updated 5 months ago
• inetrg / spoki
  Artifacts of the USENIX Security 2022 paper "Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope"
  ☆17Updated 2 months ago
• mozilla / zept
  INACTIVE - http://mzl.la/ghe-archive - Zeek Extreme Performance Tuning
  ☆26Updated 5 years ago
• runZeroInc / recog
  Pattern recognition for hosts, services, and content
  ☆13Updated 2 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• oherrala / xipology
  ☆18Updated last year