• Stars: 2
• Language: Python
• Created over 7 years ago
• Updated over 7 years ago

Repository Details

Extracts and summarises the Suricata alerts in time windows, by port and src IP

More Repositories

1

StratosphereLinuxIPS

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Python
685
star
2

awesome-ml-privacy-attacks

An awesome list of papers on privacy attacks against machine learning
546
star
3

Manati

A web-based tool to assist the work of the intuitive threat analysts.
Python
108
star
4

AIVPN

The AI VPN provides a security assessment of VPN clients' network traffic to identify cyber security threats.
CSS
76
star
5

zeek_anomaly_detector

A completely automated anomaly detector for Zeek network flows files (conn.log).
Python
51
star
6

StratosphereTestingFramework

The Stratosphere testing framework is meant to help in the research and verification of the behavioral models used by the Stratosphere IPS.
Python
50
star
7

StratosphereWindowsIps

The Stratosphere IPS is a free software IPS that uses network behavior to detect and block malicious actions.
Python
32
star
8

NetSecGame

An environment simulation for network security tasks for development and testing of AI-based agents. Part of the AI Dojo project.
Jupyter Notebook
31
star
9

whois-similarity-distance

These Python scripts can calculate the WHOIS Similarity Distance between two given domains.
OpenEdge ABL
30
star
10

yara-rules

Repository of Yara rules created by the Stratosphere team
YARA
27
star
11

Google-Summer-of-Code

Core information on Stratosphere's participation in the Google Summer of Code Program
24
star
12

AIP

The Attacker IP Prioritizer (AIP) algorithm is a Python program designed to dynamically generate a resource-friendly IPv4 address blacklist based on data collected from attacks on a network.
Python
23
star
13

Ludus

Apply Machine Learning and Game Theory to improve the security of the Turris network of CZ.NIC
Python
22
star
14

Hexa_Payload_Decoder

A tool to automatically decode and translate any TCP hexa payload data from any language to English.
Python
17
star
15

a-study-of-remote-access-trojans

This repository contains a curated list of papers, articles and other sources related to remote access trojans.
16
star
16

ip_enrich

Enrich IP addresses with metadata and threat intelligence indicators.
Python
15
star
17

nist-cve-search-tool

Tapir: a tool to search through NIST CVE database, with cache and regex.
Python
13
star
18

StratosphereLibSlips

This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.
C++
11
star
19

netflowlabeler

A configurable rule-based labeling tool for network flow files.
Python
7
star
20

android_rat_detection_methods

Methods to detect Android Remote Access Trojans (RATs) from the Android Mischief Dataset v2. The detection methods are written in Python.
Python
7
star
21

ML-for-Network-Security

A short course on how to use Machine Learning for analyzing and detecting real malware traffic in the network from flows
Jupyter Notebook
6
star
22

AD-Honeypot

Project for modeling structure of AD and its content to be used as a honeypot.
Python
6
star
23

model_extraction_malware

Repository for the paper
Python
5
star
24

IRC-Malware-Detection

Tool to retrieve/visualize messages from IRC communication of IoT devices
Jupyter Notebook
4
star
25

NetSecGameAgents

Python
4
star
26

StratosphereWebIPS

A version of Stratosphere that works on HTTP logs.
Python
3
star
27

zeeklog2pandas

Read Zeek/Bro log and log.gz files (even broken ones) into a Pandas Dataframe.
Python
3
star
28

evpn

Emergency VPN manager
Python
3
star
29

hermeneisGPT

HermeneisGPT is a framework to translate messages using Large Language Models (LLM).
Python
3
star
30

zeek-package-IRC

Zeek Package that extracts features from IRC communication
Zeek
3
star
31

repository-template

This repository is a template with basic elements that every repository at Stratosphere should follow.
3
star
32

flaber

Flaber: A Zeek Fast Labeler tool to label Zeek conn.log files
Python
3
star
33

p2p4slips-experiments

Evaluation and experiments for the trust models introduced in p2p4slips module
Python
3
star
34

DoH-Research

Research on DoH technology
Lua
3
star
35

StratosphereIPS-Argus-VirtualBoxVM

This is a virtual machine that automatically runs the Argus program already configured to send the flows to the Stratosphere Project servers.
3
star
36

RRDcap

A tool to monitor packet capture (pcap) files using RRD
Shell
2
star
37

Civilsphere

YARA
2
star
38

Basic-Python-Learning

Basic python templates for learning
Python
2
star
39

IRC-IoT-Malware-Detection

Master's thesis official repository owned by Ondrej Prenek
Jupyter Notebook
2
star
40

IRC-Behavioral-Analysis

Jupyter Notebook
2
star
41

ArgusDockerContainers

These are docker containers for running Argus preconfigured to send flows to the Stratosphere IPS project. There are images for Debian and for Raspberry Pi
2
star
42

ml-detectors-ctu-50

Some Machine Learning detectors for CTU-50 dataset with TLS features
Jupyter Notebook
2
star
43

vimtutorial

Very basic vim tutorial
1
star
44

zeek-term

A python tool to see ordered zeek log files with colors in the terminal, like termshark.
Python
1
star
45

pcapsummarizer

A set of tools to enrich and manage pcaps
Shell
1
star
46

number-anomaly-detector

Python
1
star
47

argus-configuration-files

These are the argus configuration files for sending flows to the Stratosphere Project
Shell
1
star
48

steganoroute

A data exfiltration tool using times and fake IPs for mtr or traceroute.
Python
1
star
49

AHSVI

Adversarial Heuristic Search Value Iteration
Java
1
star
50

StratoRules

Repo of detection rules created from internal research
1
star
51

essh

SSH tool to detect successful SSH logins on a network
Python
1
star
52

IDPS-Comparison-Tool

Python
1
star
53

zeek-package-log-gateway-IP

This script adds the gateway IP information to the DHCP logs and adds a notice.log entry if the gw address is identified
Zeek
1
star
54

p2p4slips-tester

A tool for manually testing the p2p4slips package
Go
1
star
55

IDPS-Comparison-Tool-Scripts

Contains the scripts needed to extract the information used by our IDPS comparison tool
Python
1
star
56

feel_project

Code repository for FEEL project
Jupyter Notebook
1
star
57

pcap-iograph-plotter

Python
1
star
58

stratosphereips.org

Web page of the stratosphere IPS project
1
star
59

Ludus-Volumeter

uCollect plugin for measuring pkts/bytes in each port
Python
1
star
60

p2p4slips

Experiments in p2p networking using libp2p in golang
Go
1
star
61

pcap-analysis-sessions

Jupyter Notebook
1
star
62

HackerGridWorld

A client-server terminal game called Hacker Grid World, to train and play with Reinforcement Learning or humans!
Python
1
star
63

zeek-package-detect-DoH

Detect DoH servers and add timeout to them so that the DoH connection won't take too long
Zeek
1
star
64

zeek-package-ARP

Zeek Package that supports adding arp.log to zeek log files
Zeek
1
star
65

computationalPropagandaDetection

Werge: Web Reversed Graph Extractor for computational propaganda detection on the web
Jupyter Notebook
1
star
66

stratosphere-iocs

Group of different IoCs related to research done in the Stratosphere Lab
1
star
67

flow-visualizer

A tool to visualize netflows in a local webpage as a timeline
Python
1
star