Tags : Browse Projects


Prelude SIEM


  Analyzed 4 months ago

Prelude is a Security Information and Event Management system, enabling all available security applications, be they open source or proprietary, to report to a centralized system. To achieve this, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard (RFC 4765), which enables different kinds of sensors to generate events using a unified language. Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, Suricata, OSSEC, honeyd, Samhain, over 30 types of system logs, and many others) in order to better verify an attack and, in the end, to perform automatic correlation between the various events. Prelude is committed to providing a SIEM that offers the ability to unify currently available tools.

399K lines of code

10 current contributors

4 months since last commit

11 users on Open Hub

Activity Not Available
4.8

Bro


  Analyzed about 1 month ago

153K lines of code

19 current contributors

about 1 month since last commit

8 users on Open Hub

Activity Not Available
5.0
Licenses: No declared licenses

Hachoir


  Analyzed 10 months ago

Hachoir is a library written in Python which allows you to view and edit a binary file (or any binary stream) field by field. A field is the most basic unit of information: a number, a string of characters, a flag (yes/no), etc. Only supported formats can be opened; it is not a magic tool. It can be used to extract information (e.g. metadata), edit some fields of a file without the original program, or convert a file from one format to another.

64.5K lines of code

3 current contributors

over 1 year since last commit

6 users on Open Hub

Activity Not Available
4.5

AlienVault OSSIM


  Analyzed about 2 years ago

AlienVault Open Source SIM aims to be the all-in-one security solution for enterprise needs, featuring: low-level real-time detection of known threats and unknown abnormal activity; network, host and policy audit; network behavior analysis and profiling; log management; intelligence to improve the accuracy of threat detection; risk-oriented security analysis; compliance automation; executive and technical reports; and a scalable, high-performance architecture.

7.65M lines of code

0 current contributors

over 3 years since last commit

5 users on Open Hub

Activity Not Available
4.0

Digital Forensics Framework


  Analyzed 7 months ago

A simple but powerful tool with a flexible module system which will help you in your digital forensics work, including file recovery after error or crash, evidence research and analysis, etc. Digital Forensics Framework (DFF) provides a robust architecture and some handy modules.

101K lines of code

0 current contributors

almost 4 years since last commit

5 users on Open Hub

Activity Not Available
5.0

fpcgui


  Analyzed 3 days ago

PCGUI is a frontend to handle packet captures. It is aimed at network security analysts who want cheap, non-commercial storage for doing network forensics. It can use daemonlogger/tcpdump/sancp for packet capturing and cxtracker for connection profiling. daemonlogger/tcpdump/sancp is responsible for dumping pcaps to disk. cxtracker/sancp indexes connections, making them searchable. LAMP is used for the GUI, to search connections and carve out the relevant pcaps.

1.47K lines of code

0 current contributors

over 7 years since last commit

2 users on Open Hub

Inactive
0.0

The Autopsy Forensic Browser


  Analyzed about 2 months ago

The Autopsy Forensic Browser is a graphical interface to The Sleuth Kit and other analysis tools. It was designed to be an extensible platform so that it can be an end-to-end digital forensics solution that incorporates plug-in modules from both open and closed source projects.

280K lines of code

17 current contributors

4 months since last commit

2 users on Open Hub

Activity Not Available
0.0

libforensics


  Analyzed about 1 year ago

LibForensics is a library for developing digital forensics applications. Currently it is developed in pure Python. After a majority of the code has been developed and stabilized, the bottlenecks will likely be converted into C-based modules. I'm looking for people to use and test the framework. I've developed some sample Python tools (under the demo directory in the repository) that use various parts of the framework. Even if you're not a coder, feel free to experiment with the tools, and report any bugs you find. LibForensics requires Python version 3.1. You can get the latest version of Python from http://www.python.org

News: What's new - March 18, 2010. I've been working on the next major release (0.3). Several things have changed, including the data typing system (we now use ctypes instead of struct), more thorough unit testing, numerous bug fixes, and API documentation. Look for a major release in the next few weeks. Some basic factoids

21.2K lines of code

0 current contributors

about 7 years since last commit

2 users on Open Hub

Activity Not Available
5.0
Licenses: No declared licenses

python-haystack


  Analyzed 3 days ago

Search for C structures in a process' memory. Keywords: memory, analysis, forensics, struct, ptrace

38.1K lines of code

1 current contributor

5 months since last commit

1 user on Open Hub

Very Low Activity
5.0

Volatility


  Analyzed about 1 year ago

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independently of the system being investigated, but offer unprecedented visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and to provide a platform for further work in this exciting area of research.

266K lines of code

20 current contributors

about 1 year since last commit

1 user on Open Hub

Activity Not Available
0.0