Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆4,120 · Updated this week
Alternatives and similar repositories for securityonion
Users interested in securityonion are comparing it to the repositories listed below.
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆2,252 · Updated 2 weeks ago
- A Suricata based NDR distribution ☆1,572 · Updated last month
- Digging Deeper.... ☆3,526 · Updated this week
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform ☆3,835 · Updated 3 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆2,509 · Updated last year
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆5,968 · Updated this week
- A curated list of awesome YARA rules, tools, and people. ☆4,034 · Updated 7 months ago
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management ☆3,104 · Updated 4 years ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆2,087 · Updated this week
- Web app that provides basic navigation and annotation of ATT&CK matrices ☆2,238 · Updated this week
- Loki - Simple IOC and YARA Scanner ☆3,661 · Updated last month
- This repository contains the scanner component for Greenbone Community Edition. ☆4,116 · Updated this week
- Modular and decentralised honeypot ☆2,641 · Updated 5 months ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆3,002 · Updated last week
- Automated Adversary Emulation Platform ☆6,493 · Updated last week
- Open Cyber Threat Intelligence Platform ☆7,865 · Updated last week
- Cortex: a Powerful Observable Analysis and Active Response Engine ☆1,500 · Updated 3 months ago
- Open EDR public repository ☆2,540 · Updated last year
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,336 · Updated 2 weeks ago
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! ☆1,120 · Updated this week
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,441 · Updated 2 months ago
- ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️ ☆4,370 · Updated last year
- Malware Configuration And Payload Extraction ☆2,742 · Updated last week
- Your Everyday Threat Intelligence ☆1,919 · Updated 2 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆2,879 · Updated 2 weeks ago
- Wazuh - Docker containers ☆930 · Updated last week
- Sysmon configuration file template with default high-quality event tracing ☆5,225 · Updated last year
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆11,121 · Updated this week
- RedEye is a visual analytic tool supporting Red & Blue Team operations ☆2,729 · Updated 2 years ago
- Automate the creation of a lab environment complete with security tooling and logging best practices ☆4,845 · Updated last year