Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆3,299 · Updated this week
Related projects
Alternatives and complementary repositories for securityonion
- Digging Deeper.... ☆2,984 · Updated this week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆1,968 · Updated this week
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management ☆3,077 · Updated 3 years ago
- A Suricata based IDS/IPS/NSM distro ☆1,479 · Updated 3 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆2,508 · Updated 4 months ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆5,393 · Updated this week
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform ☆3,447 · Updated last year
- Web app that provides basic navigation and annotation of ATT&CK matrices ☆2,007 · Updated last week
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆9,791 · Updated this week
- IntelOwl: manage your Threat Intelligence at scale ☆3,845 · Updated this week
- A curated list of awesome YARA rules, tools, and people. ☆3,565 · Updated this week
- Automated Adversary Emulation Platform ☆5,660 · Updated this week
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o… ☆2,384 · Updated 2 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆2,315 · Updated this week
- ✨ A curated list of awesome threat detection and hunting resources 🕵️♂️ ☆3,847 · Updated 4 months ago
- Open Cyber Threat Intelligence Platform ☆6,421 · Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆2,877 · Updated last week
- Open Source Vulnerability Management Platform ☆5,048 · Updated 3 weeks ago
- Cortex: a Powerful Observable Analysis and Active Response Engine ☆1,345 · Updated 3 weeks ago
- Loki - Simple IOC and YARA Scanner ☆3,402 · Updated 3 weeks ago
- Automate the creation of a lab environment complete with security tooling and logging best practices ☆4,648 · Updated 4 months ago
- ☆2,189 · Updated last year
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆2,969 · Updated last week
- A repository of sysmon configuration modules ☆2,664 · Updated 3 months ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆2,738 · Updated 5 months ago
- Modular and decentralised honeypot ☆2,327 · Updated last week
- This repository contains the scanner component for Greenbone Community Edition. ☆3,391 · Updated this week
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. ☆1,724 · Updated 10 months ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… ☆2,160 · Updated 2 weeks ago
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. ☆11,022 · Updated this week