trisulnsm / apps

Related projects: ⓘ

• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆75Updated last year
• caesar0301 / pcapdpi
  Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…
  ☆22Updated 8 years ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆32Updated this week
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 3 months ago
• tintinweb / scapy-ssh
  ssh key exchange layer for scapy
  ☆13Updated 9 years ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆18Updated 8 years ago
• D4-project / BGP-Ranking
  BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)
  ☆68Updated 2 months ago
• irtimmer / bro-xdp_packet-plugin
  Plugin providing AF_XDP support for Bro.
  ☆14Updated 3 years ago
• socprime / SigmaRulesIntegration
  ☆15Updated 6 years ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆83Updated 3 weeks ago
• sdnewhop / sdwan-harvester
  Automatically enumerate and fingerprint SD-WAN nodes on the internet
  ☆50Updated 3 years ago
• upa / ofpot
  OpenFlow Honeypot
  ☆22Updated 11 years ago
• D4-project / d4-core
  D4 core software (server and sample sensor client)
  ☆43Updated 8 months ago
• team-cymru / iocs
  We publish indicators of compromise related to our stories here. See https://blog.team-cymru.com/ for more information.
  ☆9Updated 3 years ago
• blacktop / brobeat
  ☆12Updated this week
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 3 years ago
• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆72Updated 4 years ago
• farsightsec / dnstable
  encoding format, library, and utilities for passive DNS data
  ☆26Updated 5 months ago
• jheise / yarascanner
  Golang based web service to scan files with yara rules
  ☆26Updated 7 years ago
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆51Updated last year
• defensivedepth / WinTAP
  Mirror network traffic from one interface to another on Windows
  ☆25Updated 4 years ago
• OISF / suricata-trafficid
  Application and service identification rules for Suricata
  ☆17Updated last year
• counterflow-ai-archive / dragonfly-mle
  ☆52Updated this week
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆42Updated 7 years ago
• FlUxIuS / p0f3plus
  A native and unofficial implementation of p0f3 in Python with extra analysis features: It's p0f3+!
  ☆25Updated 2 years ago
• D4-project / IPASN-History
  IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date
  ☆91Updated 2 months ago
• D4-project / sensor-d4-tls-fingerprinting
  Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
  ☆38Updated 4 years ago
• iot-onboarding / mud-visualizer
  mud-visualizer is a tool to visualize MUD files
  ☆9Updated 2 years ago
• jsiwek / zeek-cryptomining
  Detect cryptocurrency mining traffic with Zeek.
  ☆46Updated 3 years ago
• 0x4D31 / quick
  QUICk - a go library based on gopacket for analyzing QUIC CHLO messages
  ☆23Updated 4 years ago