Alternatives and similar repositories for apps:

Users that are interested in apps are comparing it to the libraries listed below

• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆75Updated last year
• zmap / pybulkwhois
  Python framework for manipulating bulk WHOIS data from RIRs
  ☆20Updated 2 years ago
• jheise / yarascanner
  Golang based web service to scan files with yara rules
  ☆27Updated 7 years ago
• tintinweb / scapy-ssh
  ssh key exchange layer for scapy
  ☆13Updated 10 years ago
• rsabir / bro-dsniff
  A dsniff project using bro
  ☆10Updated 9 years ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆19Updated 8 years ago
• t2mune / nield
  A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.
  ☆32Updated 3 months ago
• corelight / zeek-quic
  Bro analyzer that detects Google's QUIC protocol
  ☆10Updated 3 years ago
• FlUxIuS / p0f3plus
  A native and unofficial implementation of p0f3 in Python with extra analysis features: It's p0f3+!
  ☆25Updated 2 years ago
• 0x4D31 / Presentations
  Some of the presentations given by me
  ☆17Updated 2 months ago
• sdnewhop / sdwan-harvester
  Automatically enumerate and fingerprint SD-WAN nodes on the internet
  ☆50Updated 3 years ago
• schmalle / MysqlPot
  A mysql honeypot, still very very early stage
  ☆21Updated 12 years ago
• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆75Updated 5 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆30Updated last month
• 0x4D31 / quick
  QUICk - a go library based on gopacket for analyzing QUIC CHLO messages
  ☆22Updated 4 years ago
• alertflex / cnode
  alertflex controller
  ☆10Updated last year
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 4 months ago
• irtimmer / bro-xdp_packet-plugin
  Plugin providing AF_XDP support for Bro.
  ☆14Updated 3 years ago
• woanware / bgp-watcher
  Prototype system to monitor BGP routes and alert when anomalies are identified
  ☆14Updated 6 years ago
• D4-project / analyzer-d4-passivedns
  A Passive DNS backend and collector
  ☆31Updated 2 years ago
• farsightsec / dnstable
  encoding format, library, and utilities for passive DNS data
  ☆26Updated 10 months ago
• defensivedepth / WinTAP
  Mirror network traffic from one interface to another on Windows
  ☆25Updated 4 years ago
• horia141 / sdhash
  Python library for image hashing and deduplication
  ☆11Updated 8 years ago
• SpiderLabs / ModSecurity-pcap
  The ModSecurity Pcap Connector
  ☆26Updated 9 years ago
• stratosphereips / StratosphereLibSlips
  This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.
  ☆12Updated 7 years ago
• PidgeyL / cve-search
  cve-search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilit…
  ☆25Updated 7 years ago
• wallarm / libdetection
  Signature-free approach library to detect injection and commanding attacks
  ☆86Updated 3 years ago
• mthbernardes / shaggy-rogers
  Scan blob files for sensitive content
  ☆11Updated 2 years ago
• AlkenePan / awesome-bro
  Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
  ☆32Updated 4 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago