120 Open source projects that are alternatives of or similar to Py Idstools

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

An UNOFFICIAL Git Repository of Snort Rules(IDS rules) Releases.

Wazuh - The Open Source Security Platform

Real-time HTTP Intrusion Detection

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

Daemon to ban hosts that cause multiple authentication errors

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

The tool for updating your Suricata rules.

Wazuh - Kibana plugin

Wazuh - Ansible playbook

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

A lightweight tool to score network traffic and flag anomalies

Simple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN

A Suricata based IDS/IPS distro

BSM based intrusion detection system

An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

Wazuh - Tools for packages creation

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk

Wazuh - Ruleset

Wazuh - Docker containers

fast, extensible, versatile event router for Suricata's EVE-JSON format

A Suricata Docker image.

Wazuh - Chef cookbooks

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

Open-Source Security Architecture | 开源安全架构

SIAC is an enterprise SIEM built on open-source technology.

一款由 YSRC 开源的主机入侵检测系统

DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection

Blackbook of malware domains

Super short, fully unique, non-sequential and URL friendly Ids

Anomaly Detection on Dynamic (time-evolving) Graphs in Real-time and Streaming manner. Detecting intrusions (DoS and DDoS attacks), frauds, fake rating anomalies.

A utility to generate malicious network traffic and evaluate controls

Streaming Anomaly Detection Framework in Python (Outlier Detection for Streaming Data)

By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.

A small PHP library to generate YouTube-like ids from numbers. Use it when you don't want to expose your database ids to the user.

Fastest UUID with cryptographic PRNG for JS

Scirius is a web application for Suricata ruleset management.

🚌 The missing link to connect open-source threat intelligence tools.

VGG-19 deep learning model trained using ISCX 2012 IDS Dataset

Malicious traffic detection system

A curated list of amazingly awesome Cybersecurity datasets

Anti-Abuse for servers at authentication time

Generic Signature Format for SIEM Systems

osquery extensions by Trail of Bits

Pulled Pork for Snort and Suricata rule management (from Google code)

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

QNSM is network security monitoring framework based on DPDK.

Wazuh - Project documentation

SQL powered operating system instrumentation, monitoring, and analytics.

Bro IDS Dockerfile

[ICMLC 2018] A Neural Network Architecture Combining Gated Recurrent Unit (GRU) and Support Vector Machine (SVM) for Intrusion Detection

Network Intrusion Detection KDDCup '99', NSL-KDD and UNSW-NB15

A small JavaScript library to generate YouTube-like ids from numbers.

Suitably random and reasonably unique human readable (and fairly adorable) ids

psad: Intrusion Detection and Log Analysis with iptables

Suricata IDS/IPS log analytics using the Elastic Stack.

64 bit ID Generator

A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases