Alternatives and similar repositories for satori:

Users that are interested in satori are comparing it to the libraries listed below

• trisulnsm / ja3prints
  JA3 TLS Fingerprint database
  ☆77Updated 5 years ago
• p0f / p0f
  p0f unofficial git repo
  ☆489Updated 5 years ago
• salesforce / GQUIC_Protocol_Analyzer
  GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
  ☆76Updated last year
• NikolaiT / zardaxt
  Passive TCP/IP Fingerprinting Tool. Run this on your server and find out what Operating Systems your clients are *really* using.
  ☆318Updated last year
• fullylegit / ja3
  A wireshark/tshark plugin for the JA3 TLS Client Fingerprinting Algorithm
  ☆58Updated last year
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆88Updated last week
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆93Updated 3 years ago
• 0x4D31 / fatt
  FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
  ☆664Updated last year
• LeeBrotherston / tls-fingerprinting
  TLS Fingerprinting
  ☆385Updated 4 years ago
• Cisco-Talos / file2pcap
  ☆168Updated 3 years ago
• segofensiva / OSfooler-ng
  OSfooler-ng prevents remote active/passive OS fingerprinting by tools like nmap or p0f
  ☆204Updated 2 years ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆105Updated this week
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• stanford-esrg / lzr
  LZR quickly detects and fingerprints unexpected services running on unexpected ports.
  ☆169Updated last month
• CERT-Polska / hfinger
  Hfinger - fingerprinting HTTP requests
  ☆135Updated last year
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆153Updated 2 weeks ago
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆109Updated 11 months ago
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆206Updated 7 years ago
• MISP / misp-warninglists
  Warning lists to inform users of MISP about potential false-positives or other information in indicators
  ☆558Updated last week
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆176Updated 6 months ago
• CaliDog / Axeman
  Axeman is a utility to retrieve certificates from Certificate Transparency Lists (CTLs)
  ☆223Updated last year
• xplico / CapAnalysis
  CapAnalysis source code repository
  ☆86Updated 6 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 3 years ago
• cisco / mercury
  Mercury: network metadata capture and analysis
  ☆455Updated 2 weeks ago
• tatsuiman / malware-traffic-analysis.net
  Download pcap files from http://www.malware-traffic-analysis.net/
  ☆75Updated 7 years ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆198Updated 2 years ago
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆156Updated last week
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆70Updated 4 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆69Updated 2 months ago
• StamusNetworks / gophercap
  Accurate, modular, scalable PCAP manipulation tool written in Go.
  ☆87Updated 10 months ago