Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆3,876 · Updated last week
Alternatives and similar repositories for securityonion
Users interested in securityonion are comparing it to the repositories listed below.
- Digging Deeper.... (☆3,398 · Updated this week)
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… (☆2,192 · Updated 2 weeks ago)
- A Suricata based IDS/IPS/NSM distro (☆1,558 · Updated 2 weeks ago)
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform (☆3,794 · Updated 3 weeks ago)
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform (☆5,857 · Updated last week)
- Web app that provides basic navigation and annotation of ATT&CK matrices (☆2,198 · Updated 2 weeks ago)
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. (☆2,019 · Updated this week)
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… (☆2,514 · Updated last year)
- Cortex: a Powerful Observable Analysis and Active Response Engine (☆1,458 · Updated last month)
- A curated list of awesome YARA rules, tools, and people. (☆3,937 · Updated 4 months ago)
- Loki - Simple IOC and YARA Scanner (☆3,625 · Updated this week)
- Open Cyber Threat Intelligence Platform (☆7,645 · Updated this week)
- Modular and decentralised honeypot (☆2,563 · Updated 3 months ago)
- Rapidly Search and Hunt through Windows Forensic Artefacts (☆3,244 · Updated last month)
- Cyber Threat Intelligence Repository expressed in STIX 2.0 (☆1,929 · Updated 2 weeks ago)
- Automated Adversary Emulation Platform (☆6,354 · Updated last week)
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management (☆3,101 · Updated 4 years ago)
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! (☆850 · Updated 2 weeks ago)
- Wazuh - Docker containers (☆886 · Updated this week)
- Malware Configuration And Payload Extraction (☆2,619 · Updated this week)
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. (☆2,779 · Updated last week)
- Sysmon configuration file template with default high-quality event tracing (☆5,134 · Updated last year)
- Repository of yara rules (☆4,499 · Updated last year)
- Open EDR public repository (☆2,490 · Updated last year)
- Your Everyday Threat Intelligence (☆1,894 · Updated this week)
- Investigate malicious Windows logon by visualizing and analyzing Windows event log (☆2,969 · Updated last year)
- Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. (☆7,087 · Updated this week)
- Main Sigma Rule Repository (☆9,527 · Updated last week)
- Snort++ (☆3,008 · Updated last week)
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OIS… (☆5,482 · Updated 2 weeks ago)