Alternatives and similar repositories for satori:

Users that are interested in satori are comparing it to the libraries listed below

• fullylegit / ja3
  A wireshark/tshark plugin for the JA3 TLS Client Fingerprinting Algorithm
  ☆58Updated last year
• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆77Updated 5 years ago
• stanford-esrg / lzr
  LZR quickly detects and fingerprints unexpected services running on unexpected ports.
  ☆167Updated last week
• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆75Updated last year
• TW-NCERT / ctifeeds
  Cyber Threat Intelligence Feeds
  ☆93Updated 8 years ago
• segofensiva / OSfooler-ng
  OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
  ☆203Updated last year
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆100Updated 3 years ago
• CERT-Polska / hfinger
  Hfinger - fingerprinting HTTP requests
  ☆137Updated last year
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆104Updated this week
• tatsuiman / malware-traffic-analysis.net
  Download pcap files from http://www.malware-traffic-analysis.net/
  ☆74Updated 7 years ago
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆93Updated 3 years ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆197Updated 2 years ago
• 0x4D31 / fatt
  FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
  ☆664Updated last year
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆51Updated last month
• 360netlab / DGA
  Suspicious DGA from PDNS and Sandbox.
  ☆183Updated 2 years ago
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆535Updated 11 months ago
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆108Updated 9 months ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆150Updated 11 months ago
• sonertari / SSLproxy
  Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection
  ☆408Updated 2 months ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆88Updated this week
• p0f / p0f
  p0f unofficial git repo
  ☆484Updated 5 years ago
• Cisco-Talos / file2pcap
  ☆169Updated 3 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆100Updated 2 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆69Updated 4 years ago
• openargus / argus
  Argus Sensor
  ☆58Updated this week
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆155Updated this week
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆265Updated 2 months ago
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Updated 3 years ago
• sophos / yaraml_rules
  Security ML models encoded as Yara rules
  ☆213Updated last year
• rosehgal / HoneySMB
  Simple High Interaction Honeypot Solution for SMB protocol
  ☆48Updated 3 years ago