Alternatives and similar repositories for Network-Forensics

Users that are interested in Network-Forensics are comparing it to the libraries listed below

• fredtheranger / network-visualizaton-tool
  Network forensics tool to parse pcap and provide visualizations using D3.js
  ☆15Updated 11 years ago
• bez0r / pDNS2
  Passive DNS V2
  ☆60Updated 11 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• bez0r / BeaconBits
  Network timing evaluation used to detect beacons, works with argus flow as the source
  ☆20Updated 9 years ago
• aboutsecurity / Bro-samples
  Network Forensics Bro scripts & pcap samples
  ☆62Updated 11 years ago
• set-element / auditdBroFramework
  The Auditd Framework logs and applies security policy to linux auditd data
  ☆15Updated 7 years ago
• malice-plugins / yara
  Malice Yara Plugin
  ☆30Updated 5 years ago
• SekoiaLab / FastIR_Server
  The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent
  ☆12Updated 8 years ago
• RamadhanAmizudin / python-icap-yara
  An ICAP Server with yara scanner for URL and content.
  ☆59Updated 7 months ago
• egaus / malicious_url_analysis
  ☆18Updated 7 years ago
• armedpot / honeytrap
  Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
  ☆43Updated 3 years ago
• neu5ron / malware-traffic-analysis-pcaps
  malware-traffic-analysis.net PCAPs repository.
  ☆38Updated 9 years ago
• staaldraad / fastfluxanalysis
  Scripts to detect Fast-Flux and DGA using DNS query responses
  ☆43Updated 8 years ago
• jipegit / FECT
  Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer
  ☆42Updated 4 years ago
• mpars0ns / scansio-sonar-es
  Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching
  ☆33Updated 9 years ago
• corelight / http-stalling-detector
  Detect HTTP stalling attacks like slowloris with Bro
  ☆19Updated 7 years ago
• thirdeyeintelligence / IOCs-in-CSV-format
  The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research
  ☆12Updated 8 years ago
• neu5ron / dnssinkholelist
  dnssinkholelist is a python package focused on combining open source lists of malicious domains, dynamic dns domains, and advertisement d…
  ☆18Updated 9 years ago
• micrictor / spl-spt
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Updated 5 years ago
• jaegeral / FireMISP
  FireEye Alert json files to MISP Malware information sharing plattform (Alpha)
  ☆32Updated 8 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆24Updated 8 years ago
• rj-chap / NFWorkshop
  Network Forensics Workshop Files
  ☆17Updated 10 years ago
• corelight / top-dns
  Top DNS Measurement for Bro
  ☆11Updated 4 years ago
• idiom / pftriage
  Python tool and library to help analyze files during malware triage and analysis.
  ☆78Updated 5 years ago
• PwCUK-CTO / OperationCloudHopper
  Indicators of compromise relating to our report on APT10's targeting of global MSPs
  ☆10Updated 7 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 8 years ago
• stratosphereips / StratosphereTestingFramework
  The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …
  ☆50Updated 7 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 8 years ago
• thirdeyeintelligence / Memoirs-of-a-Threat-Hunter
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19Updated 8 years ago