Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆ 3,562 · Updated this week
Alternatives and similar repositories for securityonion:
Users interested in securityonion are comparing it to the repositories listed below.
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆ 2,065 · Updated this week
- Automated Adversary Emulation Platform ☆ 5,899 · Updated this week
- Digging Deeper.... ☆ 3,127 · Updated this week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆ 2,510 · Updated 7 months ago
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆ 3,055 · Updated 2 months ago
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆ 10,240 · Updated this week
- A curated list of awesome YARA rules, tools, and people. ☆ 3,696 · Updated 2 weeks ago
- Automate the creation of a lab environment complete with security tooling and logging best practices ☆ 4,703 · Updated 7 months ago
- Main Sigma Rule Repository ☆ 8,753 · Updated this week
- Open Cyber Threat Intelligence Platform ☆ 7,010 · Updated this week
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆ 5,548 · Updated this week
- Loki - Simple IOC and YARA Scanner ☆ 3,480 · Updated 3 months ago
- RedEye is a visual analytic tool supporting Red & Blue Team operations ☆ 2,698 · Updated last year
- A Suricata based IDS/IPS/NSM distro ☆ 1,512 · Updated 6 months ago
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management ☆ 3,084 · Updated 3 years ago
- Open Source Vulnerability Management Platform ☆ 5,218 · Updated last month
- ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️ ☆ 4,043 · Updated 7 months ago
- Six Degrees of Domain Admin ☆ 10,072 · Updated 2 weeks ago
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform ☆ 3,567 · Updated 2 years ago
- A collaborative, multi-platform, red teaming framework ☆ 3,447 · Updated this week
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆ 3,101 · Updated last month
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts) ☆ 7,325 · Updated 2 weeks ago
- Adversary Emulation Framework ☆ 8,968 · Updated this week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆ 2,844 · Updated 8 months ago
- A list of cyber-chef recipes and curated links ☆ 2,066 · Updated 8 months ago
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. ☆ 1,819 · Updated last year
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv… ☆ 5,680 · Updated last month
- 🍯 T-Pot - The All In One Multi Honeypot Platform 🐝 ☆ 7,457 · Updated last week
- Network Analysis Tool ☆ 3,198 · Updated last year
- This repository contains the scanner component for Greenbone Community Edition. ☆ 3,632 · Updated this week