Alternatives and similar repositories for Timon-Rules:

Users that are interested in Timon-Rules are comparing it to the libraries listed below

• advanced-threat-research / Ripple-20-Detection-Logic
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆11Updated 3 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 9 months ago
• alphaSeclab / malware-ioc-hash
  Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.
  ☆17Updated 4 years ago
• OISF / suricata-trafficid
  Application and service identification rules for Suricata
  ☆18Updated 2 years ago
• jipegit / IncidentsMindMaps
  Cybersecurity Incidents Mind Maps
  ☆33Updated 3 years ago
• imp0rtp3 / js-yara-rules
  Yara rules for malicious javascript files from public repositories or written by me.
  ☆11Updated 3 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆30Updated last month
• B0fH / yara-suricata
  A Yara Lua output script for Suricata
  ☆19Updated 5 years ago
• jakewarren / suricata-rule-generator
  Quickly generate suricata rules for IOCs
  ☆28Updated 3 years ago
• quadrantsec / meer
  Meer is a "spooler" for Suricata / Sagan.
  ☆28Updated last year
• wolfvan / YaraRET
  Carving tool based in Radare2 & Yara
  ☆16Updated 6 years ago
• alertflex / altprobe
  collector/runner
  ☆65Updated last year
• j91321 / ansible-role-auditbeat
  Ansible role to install auditbeat for security monitoring. (Ruleset included)
  ☆15Updated last year
• mitre / gocat
  Simplified go-cat agent for caldera
  ☆10Updated last year
• DCSO / slinkwatch
  automatic enumeration and maintenance of Suricata monitoring interfaces
  ☆11Updated 5 years ago
• 0xN3utr0n / Kanis
  Advanced threat detection solution for Linux.
  ☆36Updated 4 years ago
• activeshadow / go-atomicredteam
  go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…
  ☆47Updated last year
• hardenedlinux / hardenedlinux-zeek-scripts
  ☆38Updated last year
• SCS-Labs / TheWatchList
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆15Updated 3 years ago
• botherder / go-autoruns
  Collect autorun records from running system
  ☆59Updated 2 years ago
• JJyyy / suricata-rules
  不定期更新suricata的检测规则
  ☆11Updated 4 years ago
• xisafe / suricata-rule
  suricata IDS的规则，测试在用的，部分自写的规则视情况放出。
  ☆18Updated 5 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• NVISOsecurity / sigma-public
  Generic Signature Format for SIEM Systems
  ☆17Updated last year
• ipworkx / ecs-suricata
  ☆12Updated 4 years ago
• redBorder / daq
  Snort/Suricata DAQ module with DPDK patch
  ☆11Updated 9 months ago
• klingerko / nids-rule-library
  Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)
  ☆23Updated last year
• audibleblink / bothan
  Is this IP a C2 server?
  ☆28Updated 4 years ago