Alternatives and similar repositories for Network-Forensics

Users that are interested in Network-Forensics are comparing it to the libraries listed below

• aboutsecurity / Bro-samples
  Network Forensics Bro scripts & pcap samples
  ☆63Updated 11 years ago
• inguardians / toms_honeypot
  Tom's Honey Pot as seen in Applied Network Security Monitoring.
  ☆26Updated 10 years ago
• dgunter / ParseZeekLogs
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Updated 2 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 5 years ago
• silascutler / MalPipe
  Malware/IOC ingestion and processing engine
  ☆106Updated 6 years ago
• hosom / bro-scripts
  Bro stuff.
  ☆12Updated 9 years ago
• grigorescu / bro-scripts
  Contributed Bro Scripts
  ☆30Updated 11 years ago
• hosom / file-extraction
  Extract files from network traffic with Zeek.
  ☆101Updated 5 years ago
• midnightslacker / threat_intel
  Gather and compile open source threat intelligence feeds.
  ☆40Updated 3 years ago
• S03D4-164 / Hiryu
  IOC Management and Visualization Tool
  ☆47Updated 2 years ago
• stratosphereips / Manati
  A web-based tool to assist the work of the intuitive threat analysts.
  ☆113Updated 6 years ago
• endgameinc / SANS_THIR16
  SANS Hunting on the Cheap
  ☆35Updated 9 years ago
• abhinavbom / Threat-Intelligence-Hunter
  TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…
  ☆153Updated 2 months ago
• cmatthewbrooks / pyiocutils
  A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
  ☆17Updated 6 years ago
• ahm3dhany / IDS-Evasion
  Evading Snort Intrusion Detection System.
  ☆78Updated 3 years ago
• gcrahay / otx_misp
  Imports Alienvault OTX pulses to a MISP instance
  ☆53Updated 3 years ago
• fredtheranger / network-visualizaton-tool
  Network forensics tool to parse pcap and provide visualizations using D3.js
  ☆15Updated 12 years ago
• 401trg / detections
  This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…
  ☆122Updated 4 years ago
• mlsecproject / tiq-test
  Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds
  ☆175Updated 9 years ago
• sooshie / bro-scripts
  Various Bro scripts
  ☆97Updated 9 years ago
• initconf / smtp-url-analysis
  Extracting and analyzing URLs from Emails for phishing events
  ☆21Updated 4 years ago
• rkovar / dns_detection
  Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration
  ☆37Updated 9 years ago
• bez0r / pDNS2
  Passive DNS V2
  ☆60Updated 11 years ago
• armedpot / honeytrap
  Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner
  ☆44Updated 3 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 5 years ago
• jasklabs / blackhat2017
  Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases
  ☆30Updated 8 years ago
• thirdeyeintelligence / ThreatHunting
  An informational repo about hunting for adversaries in your IT environment.
  ☆14Updated 8 years ago
• abusesa / abusehelper
  A framework for receiving and redistributing abuse feeds
  ☆124Updated 5 years ago
• opensourcesec / malstrom
  Cyber Intel Management
  ☆49Updated 7 years ago
• MISP / misp-graph
  A tool to convert MISP XML files (events and attributes) into graphs
  ☆20Updated 8 years ago