xplico / CapAnalysis

Related projects: ⓘ

• Cisco-Talos / file2pcap
  ☆167Updated 3 years ago
• plashchynski / viewssld
  viewssld is a free, open source, non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort, and other Network Intrusion Detecti…
  ☆74Updated 7 years ago
• Cisco-Talos / Daemonlogger
  The Official Github Repository of Daemonlogger
  ☆19Updated 3 years ago
• xplico / xplico
  Open Source Network Forensic Analysis Tool (NFAT)
  ☆179Updated 4 years ago
• mrash / fwsnort
  Application Layer IDS/IPS with iptables
  ☆73Updated 5 years ago
• pevma / Suricata-Logstash-Templates
  Templates for Kibana/Logstash to use with Suricata IDPS
  ☆80Updated 8 years ago
• shendo / websnort
  Web service for scanning pcaps with snort
  ☆108Updated 6 years ago
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆91Updated 2 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆83Updated 5 years ago
• beave / sagan-rules
  Rule sets for Sagan
  ☆102Updated 3 years ago
• bez0r / pDNS2
  Passive DNS V2
  ☆62Updated 10 years ago
• kost / docker-moloch
  A Docker container for Moloch based on minimal Debian
  ☆26Updated 8 years ago
• EmergingThreats / et-luajit-scripts
  ☆76Updated 2 years ago
• gamelinux / prads
  Passive Real-time Asset Detection System
  ☆229Updated 3 months ago
• MITRECND / bro-http2
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Updated 3 months ago
• jpalanco / alienvault-ossim
  Alienvault ossim
  ☆118Updated 5 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 3 years ago
• treussart / ProbeManager
  Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...
  ☆72Updated 5 years ago
• felixe / idsEventGenerator
  aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…
  ☆22Updated 5 years ago
• counterflow-ai-archive / dragonfly-mle
  ☆52Updated this week
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆202Updated 6 years ago
• JustinAzoff / zeek-pdns
  Passive DNS collection using Zeek
  ☆181Updated last year
• MattCarothers / mhn-core-docker
  Core elements of the Modern Honey Network implemented in Docker
  ☆32Updated 2 years ago
• binorassocies / brostash
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆34Updated 4 years ago
• GrrrDog / TacoTaco
  Some scripts for attacks on Tacacs+ protocol
  ☆64Updated 5 years ago
• trisulnsm / trisul-scripts
  Ready to run scripts for network analysis
  ☆83Updated 3 weeks ago
• DanielSchwartz1 / SplunkForPCAP
  The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap)…
  ☆40Updated 8 months ago
• jpsenior / threataggregator
  Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc…
  ☆78Updated 8 years ago
• Masood-M / yalih
  YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signat…
  ☆68Updated 5 years ago
• stratosphereips / Manati
  A web-based tool to assist the work of the intuitive threat analysts.
  ☆110Updated 5 years ago