Stratosphere IPS (@stratosphereips)

Top repositories

1

StratosphereLinuxIPS

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Python
685
star
2

awesome-ml-privacy-attacks

An awesome list of papers on privacy attacks against machine learning
546
star
3

Manati

A web-based tool to assist the work of the intuitive threat analysts.
Python
108
star
4

AIVPN

The AI VPN provides a security assessment of VPN clients' network traffic to identify cyber security threats.
CSS
76
star
5

zeek_anomaly_detector

A completely automated anomaly detector for Zeek network flow files (conn.log).
Python
51
star
6

StratosphereTestingFramework

The Stratosphere Testing Framework is meant to help in the research and verification of the behavioral models used by the Stratosphere IPS.
Python
50
star
7

StratosphereWindowsIps

The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions.
Python
32
star
8

NetSecGame

An environment simulation for network security tasks, for the development and testing of AI-based agents. Part of the AI Dojo project.
Jupyter Notebook
31
star
9

whois-similarity-distance

These Python scripts can calculate the WHOIS Similarity Distance between two given domains.
OpenEdge ABL
30
star
10

yara-rules

Repository of Yara rules created by the Stratosphere team
YARA
27
star
11

Google-Summer-of-Code

Core information on Stratosphere's participation in the Google Summer of Code program
24
star
12

AIP

The Attacker IP Prioritizer (AIP) algorithm is a Python program designed to dynamically generate a resource-friendly IPv4 address blacklist based on data collected from attacks on a network.
Python
23
star
13

Ludus

Apply Machine Learning and Game Theory to improve the security of the Turris network of CZ.NIC
Python
22
star
14

Hexa_Payload_Decoder

A tool to automatically decode and translate any TCP hexa payload data from any language to English.
Python
17
star
15

a-study-of-remote-access-trojans

This repository contains a curated list of papers, articles and other sources related to remote access trojans.
16
star
16

ip_enrich

Enrich IP addresses with metadata and threat intelligence indicators.
Python
15
star
17

nist-cve-search-tool

Tapir: a tool to search through NIST CVE database, with cache and regex.
Python
13
star
18

StratosphereLibSlips

This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.
C++
11
star
19

netflowlabeler

A configurable rule-based labeling tool for network flow files.
Python
7
star
20

android_rat_detection_methods

Methods to detect Android Remote Access Trojans (RATs) from the Android Mischief Dataset v2. The detection methods are written in Python.
Python
7
star
21

ML-for-Network-Security

A short course on how to use Machine Learning for analyzing and detecting real malware traffic in the network from flows
Jupyter Notebook
6
star
22

AD-Honeypot

Project for modeling the structure of AD and its content to be used as a honeypot.
Python
6
star
23

model_extraction_malware

Repository for the paper
Python
5
star
24

IRC-Malware-Detection

Tool to retrieve/visualize messages from IRC communication of IoT devices
Jupyter Notebook
4
star
25

NetSecGameAgents

Python
4
star
26

StratosphereWebIPS

A version of Stratosphere that works on HTTP logs.
Python
3
star
27

zeeklog2pandas

Read Zeek/Bro log and log.gz files (even broken ones) into a Pandas DataFrame.
Python
3
star
28

evpn

Emergency VPN manager
Python
3
star
29

hermeneisGPT

HermeneisGPT is a framework to translate messages using Large Language Models (LLM).
Python
3
star
30

zeek-package-IRC

Zeek Package that extracts features from IRC communication
Zeek
3
star
31

repository-template

This repository is a template with basic elements that every repository at Stratosphere should follow.
3
star
32

flaber

Flaber: A Zeek Fast Labeler tool to label Zeek conn.log files
Python
3
star
33

p2p4slips-experiments

Evaluation and experiments for the trust models introduced in p2p4slips module
Python
3
star
34

DoH-Research

Research on DoH technology
Lua
3
star
35

StratosphereIPS-Argus-VirtualBoxVM

This is a virtual machine that automatically runs the Argus program already configured to send the flows to the Stratosphere Project servers.
3
star
36

RRDcap

A tool to monitor packet capture (pcap) files using RRD
Shell
2
star
37

Civilsphere

YARA
2
star
38

Basic-Python-Learning

Basic Python templates for learning
Python
2
star
39

IRC-IoT-Malware-Detection

Master's thesis official repository owned by Ondrej Prenek
Jupyter Notebook
2
star
40

IRC-Behavioral-Analysis

Jupyter Notebook
2
star
41

Suricata-Extractor

Extracts and summarises the Suricata alerts in time windows, by port and src IP
Python
2
star
42

ArgusDockerContainers

These are Docker containers for running Argus preconfigured to send flows to the Stratosphere IPS project. There are images for Debian and for Raspberry Pi.
2
star
43

ml-detectors-ctu-50

Some Machine Learning detectors for CTU-50 dataset with TLS features
Jupyter Notebook
2
star
44

vimtutorial

Very basic vim tutorial
1
star
45

zeek-term

A Python tool to see ordered Zeek log files with colors in the terminal, like termshark.
Python
1
star
46

pcapsummarizer

A set of tools to enrich and manage pcaps
Shell
1
star
47

number-anomaly-detector

Python
1
star
48

argus-configuration-files

These are the Argus configuration files for sending flows to the Stratosphere Project
Shell
1
star
49

steganoroute

A data exfiltration tool using times and fake IPs for mtr or traceroute.
Python
1
star
50

AHSVI

Adversarial Heuristic Search Value Iteration
Java
1
star
51

StratoRules

Repo of detection rules created from internal research
1
star
52

essh

SSH tool to detect successful SSH logins on a network
Python
1
star
53

IDPS-Comparison-Tool

Python
1
star
54

zeek-package-log-gateway-IP

This script adds the gateway IP information to the DHCP logs and adds a notice.log entry if the gateway address is identified.
Zeek
1
star
55

p2p4slips-tester

A tool for manually testing the p2p4slips package
Go
1
star
56

IDPS-Comparison-Tool-Scripts

Contains the scripts needed to extract the information used by our IDPS comparison tool
Python
1
star
57

feel_project

Code repository for FEEL project
Jupyter Notebook
1
star
58

pcap-iograph-plotter

Python
1
star
59

stratosphereips.org

Web page of the Stratosphere IPS project
1
star
60

Ludus-Volumeter

uCollect plugin for measuring pkts/bytes in each port
Python
1
star
61

p2p4slips

Experiments in p2p networking using libp2p in golang
Go
1
star
62

pcap-analysis-sessions

Jupyter Notebook
1
star
63

HackerGridWorld

A client-server terminal game called Hacker Grid World, to train and play with Reinforcement Learning or humans!
Python
1
star
64

zeek-package-detect-DoH

Detect DoH servers and add timeout to them so that the DoH connection won't take too long
Zeek
1
star
65

zeek-package-ARP

Zeek Package that supports adding arp.log to zeek log files
Zeek
1
star
66

computationalPropagandaDetection

Werge: Web Reversed Graph Extractor for computational propaganda detection on the web
Jupyter Notebook
1
star
67

stratosphere-iocs

A group of different IoCs related to research done in the Stratosphere Lab
1
star
68

flow-visualizer

A tool to visualize netflows in a local webpage as a timeline
Python
1
star