maltrail VS community

Compare maltrail vs community and see what are their differences.

maltrail

Malicious traffic detection system (by stamparm)
Security Malware intrusion-detection Sensor Python network-monitoring attack-detection
Source Code
Suggest alternative
Edit details

community

Volatility plugins developed and maintained by the community (by volatilityfoundation)
Python volatility-plugins volatility-framework Malware
Source Code
Suggest alternative
Edit details
InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors
maltrail community
5 1
5,731 336
- 0.6%
10.0 0.0
6 days ago about 3 years ago
Python Python
MIT License -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

maltrail

Posts with mentions or reviews of maltrail. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-06-07.
  • Maltrail: Malicious traffic detection system
    1 project | /r/selfhosted | 5 Jul 2023
    I just wanted to tell you about Maltrail (https://github.com/stamparm/maltrail/).
  • Is Maltrait worth the trouble?
    1 project | /r/OPNsenseFirewall | 22 Dec 2022
    Yes, MT had OOM on *BSD, because of python-pcapy module, which is currently unmaintained. So, the fork was done and python-pcapy-ng becomes actual module for MT, which fixed OOM and now MT works OK for *BSD-line: [1] https://github.com/stamparm/maltrail/issues/19056 [2] https://github.com/stamparm/maltrail/issues/16710 [3] py-pcapy-ng on Fresh Ports: https://www.freshports.org/net/py-pcapy-ng/ Also /requirement.txt file was modified for MT to avoid installing python-pcapy instead of python-pcapy-ng: [4] https://github.com/stamparm/maltrail/commit/2aa2da5ba5c332ddd106020290926d1fdfd0f8b2 Despite on all it, some mass-medias keep saying that python-pcapy is required for MT to work. No, just python-pcapy-ng. "Given everything is now encrypted, does anyone know if it is still effective?" <-- IDS (MT is the IDS itself) is passive detection, it doesn't provide the prevention actions. MT can use blocking mechanism, they are describes for Linux: https://github.com/stamparm/maltrail/wiki/Miscellaneous#1-setting-up-maltrail-as-an-intrusion-prevention-system-ips . If some can describe mechanism for MT on *BSD-line, that would be nice. Anyway would be thankful, if you provide details on missing ransomware. Perhaps, it is needed to update network IoCs, if ransomware comprometation was via network. Thank you! "Are the signatures reasonably up to date?" <-- trying to be up-to-dated: https://github.com/stamparm/maltrail/commits/master
  • Low resource alternative to Security Onion
    1 project | /r/homelab | 18 Sep 2022
    Security Onion is a suite of tools, but if you just want visibility into things happening on your perimeter with Fail2ban style mitigation check out MalTrail. https://github.com/stamparm/MalTrail
  • Having Problems Using Wire? That's Because Wire Domains Are Ending Up In NextDNS Threat Intelligence Blocklists!
    2 projects | /r/nextdns | 7 Jun 2022
    The Threat Intelligence Feeds have multiple upstream sources, see https://github.com/nextdns/metadata/blob/master/security/threat-intelligence-feeds.json. In this case, Maltrail Blacklist seems to have included this domain. You can report this directly to that maintainer here: https://github.com/stamparm/maltrail/issues
  • How do you run self-hosted software?
    1 project | /r/selfhosted | 15 Feb 2021
    last docker discovery : maltrail (https://github.com/stamparm/maltrail , about to be moved from VM to docker)

community

Posts with mentions or reviews of community. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-02-22.

What are some alternatives?

When comparing maltrail and community you can also consider the following projects:

Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

MemProcFS-Analyzer - MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Fail2Ban - Daemon to ban hosts that cause multiple authentication errors

pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

rpi-appliance-monitor - Device to monitor appliances that vibrate, such as clothes dryers or garage door openers

wifiphisher - The Rogue Access Point Framework

hosts - 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

MalConfScan - Volatility plugin for extracts configuration data of known malware

volatility - An advanced memory forensics framework

community3 - Volatility3 plugins developed and maintained by the community

maltrail vs Suricata community vs MemProcFS-Analyzer maltrail vs Fail2Ban community vs pyWhat maltrail vs rpi-appliance-monitor community vs wifiphisher maltrail vs hosts community vs hosts maltrail vs MalConfScan community vs volatility maltrail vs pyWhat community vs community3