SNORT-GUI
pyp0f
SNORT-GUI
What (inexpensive) IDS would you recommend?
If you're looking for an inexpensive IDS, Snort may be the way to venture. They regularly update their community rules to zero-day vulnerabilities, but a knowledge of configuring and running Snort is required. Would recommend checking out: https://github.com/WhiteHatCyberus/SNORT-GUI
pyp0f
What are some alternatives?
Malcolm - Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
IVRE - Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
dgad - DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
sniffer - Network analyzer
nfstream - NFStream: a Flexible Network Data Analysis Framework.
Fingerprint-Feature-Extraction - Extract minutiae features from fingerprint images
scapy - Scapy: the Python-based interactive packet manipulation program & library.
Pyp0f - p0f with Python.
nSpector - A tool to take Nmap scans, and store the results in a queryable database.
VLANPWN - VLAN attacks toolkit