AlienVault-OTX / OTX-Suricata
The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX account.
☆109Updated last year
Alternatives and similar repositories for OTX-Suricata:
Users that are interested in OTX-Suricata are comparing it to the libraries listed below
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆123Updated 3 years ago
- Suricata rules for network anomaly detection☆160Updated last week
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆101Updated 3 years ago
- A website and framework for testing NIDS detection☆57Updated 3 years ago
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆135Updated last week
- A live dashboard for a real-time overview of threat intelligence from MISP instances☆202Updated last year
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆150Updated 11 months ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆121Updated 4 years ago
- Snorpy is a python script the gives a Gui interface to help those new to snort create rules.☆62Updated 8 months ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- Rule sets for Sagan☆103Updated 4 years ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Threat Alert Logic Repository☆92Updated 6 years ago
- zeek-scripts☆44Updated 6 years ago
- Cyber Threat Intelligence Feeds☆95Updated 8 years ago
- Extract files from network traffic with Zeek.☆101Updated 5 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆100Updated 3 months ago
- Passive DNS collection using Zeek☆182Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆261Updated 2 years ago
- Malware Sinkhole List in various formats☆103Updated 2 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆58Updated 5 years ago
- Tool for managing Zeek deployments.☆54Updated this week
- A web-based tool to assist the work of the intuitive threat analysts.☆113Updated 6 years ago
- Docker files for building Zeek.☆86Updated last year
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- MISP Docker (XME edition)☆282Updated last year
- ☆49Updated 4 years ago