Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆3,622 · Updated this week
Alternatives and similar repositories for securityonion:
Users who are interested in securityonion are comparing it to the repositories listed below.
- A curated list of awesome YARA rules, tools, and people. ☆3,755 · Updated 2 weeks ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆2,510 · Updated 9 months ago
- Digging Deeper.... ☆3,189 · Updated this week
- Automated Adversary Emulation Platform ☆6,017 · Updated this week
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management ☆3,087 · Updated 3 years ago
- Loki - Simple IOC and YARA Scanner ☆3,505 · Updated 4 months ago
- Main Sigma Rule Repository ☆8,880 · Updated last week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆2,093 · Updated last week
- Web app that provides basic navigation and annotation of ATT&CK matrices ☆2,101 · Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,096 · Updated 2 weeks ago
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform ☆3,608 · Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆10,395 · Updated this week
- A Suricata based IDS/IPS/NSM distro ☆1,523 · Updated 7 months ago
- A toolset to make a system look as if it was the victim of an APT attack ☆2,562 · Updated last year
- ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️ ☆4,106 · Updated 8 months ago
- Your Everyday Threat Intelligence ☆1,840 · Updated last week
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… ☆4,168 · Updated last year
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆2,869 · Updated 9 months ago
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,159 · Updated 2 months ago
- Cyber Threat Intelligence Repository expressed in STIX 2.0 ☆1,832 · Updated 4 months ago
- Six Degrees of Domain Admin ☆10,132 · Updated last week
- (no description) ☆2,661 · Updated last year
- The Hunting ELK ☆3,819 · Updated 10 months ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆5,618 · Updated this week
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. ☆1,855 · Updated last year
- YARA signature and IOC database for my scanners and tools ☆2,587 · Updated last week
- Repository of yara rules ☆4,336 · Updated 11 months ago
- Modular and decentralised honeypot ☆2,439 · Updated 2 weeks ago
- Detect Tactics, Techniques & Combat Threats ☆2,139 · Updated 2 months ago
- Cortex: a Powerful Observable Analysis and Active Response Engine ☆1,398 · Updated 5 months ago