Alternatives and similar repositories for satori

Users that are interested in satori are comparing it to the libraries listed below

• fullylegit / ja3
  A wireshark/tshark plugin for the JA3 TLS Client Fingerprinting Algorithm
  ☆58Updated last year
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆350Updated last year
• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆79Updated 5 years ago
• p0f / p0f
  p0f unofficial git repo
  ☆492Updated 5 years ago
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆160Updated 3 weeks ago
• stanford-esrg / lzr
  LZR quickly detects and fingerprints unexpected services running on unexpected ports.
  ☆173Updated 2 weeks ago
• cisco / mercury
  Mercury: network metadata capture and analysis
  ☆454Updated 2 months ago
• segofensiva / OSfooler-ng
  OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
  ☆207Updated 2 years ago
• TW-NCERT / ctifeeds
  Cyber Threat Intelligence Feeds
  ☆95Updated 8 years ago
• 0x4D31 / fatt
  FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
  ☆668Updated last year
• zeek / packages
  The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
  ☆137Updated last week
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆477Updated 4 months ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆199Updated 3 years ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆88Updated last month
• Cisco-Talos / file2pcap
  ☆168Updated 3 years ago
• CriticalPathSecurity / Zeek-Intelligence-Feeds
  Zeek-Formatted Threat Intelligence Feeds
  ☆361Updated this week
• openargus / argus
  Argus Sensor
  ☆63Updated 2 weeks ago
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆94Updated 3 years ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆123Updated 3 years ago
• DynamiteAI / dynamite-nsm
  DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…
  ☆171Updated last year
• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆77Updated last year
• chrisjd20 / Snorpy
  Snorpy is a python script the gives a Gui interface to help those new to snort create rules.
  ☆62Updated 8 months ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆153Updated last month
• CERT-Polska / hfinger
  Hfinger - fingerprinting HTTP requests
  ☆137Updated last year
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆107Updated this week
• JustinAzoff / zeek-pdns
  Passive DNS collection using Zeek
  ☆182Updated last year
• rosehgal / HoneySMB
  Simple High Interaction Honeypot Solution for SMB protocol
  ☆48Updated 4 years ago
• SeisoLLC / zeek-kafka
  A Zeek log writer plugin that publishes to Kafka.
  ☆47Updated 4 months ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆81Updated 2 weeks ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago