By micrictor
A package that creates a log for sequences of packet lengths and times, allowing for new analytics based on these data features.
By thibaultbl
Implementing coefficient of variation (standard deviation / average), sort of relative standard deviation.
By dopheide
Attempts to detect an attacker calling to the VENOM Linux Rootkit https://security.web.cern.ch/security/venom.shtml
By initconf
Simple policy to detect VNC (RFB) scanners based on src->dst connection counts
By jbaggs
This script adds a new Intel::WILDCARD_DOMAIN type that matches on the base domain name, regardless of what subdomain may be prepended to it.