Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆ 3,152 stars, updated this week

Related projects:
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… (☆ 2,503, updated 2 months ago)
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… (☆ 1,904, updated last week)
- Digging Deeper.... (☆ 2,874, updated this week)
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management (☆ 3,059, updated 3 years ago)
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform (☆ 3,365, updated last year)
- Main Sigma Rule Repository (☆ 8,106, updated this week)
- Automated Adversary Emulation Platform (☆ 5,506, updated 2 weeks ago)
- Automate the creation of a lab environment complete with security tooling and logging best practices (☆ 4,600, updated 2 months ago)
- Web app that provides basic navigation and annotation of ATT&CK matrices (☆ 1,972, updated this week)
- A Suricata based IDS/IPS/NSM distro (☆ 1,438, updated last month)
- Loki - Simple IOC and YARA Scanner (☆ 3,343, updated 6 months ago)
- Small and highly portable detection tests based on MITRE's ATT&CK. (☆ 9,559, updated this week)
- Investigate malicious Windows logon by visualizing and analyzing Windows event log (☆ 2,699, updated 2 months ago)
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform (☆ 5,256, updated this week)
- Modular and decentralised honeypot (☆ 2,281, updated this week)
- A curated list of awesome YARA rules, tools, and people. (☆ 3,472, updated 3 weeks ago)
- Open EDR public repository (☆ 2,224, updated 8 months ago)
- 🍯 T-Pot - The All In One Multi Honeypot Platform 🐝 (☆ 6,653, updated last week)
- Six Degrees of Domain Admin (☆ 9,744, updated 2 months ago)
- Sysmon configuration file template with default high-quality event tracing (☆ 4,737, updated 2 months ago)
- This repository contains the scanner component for Greenbone Community Edition. (☆ 3,243, updated this week)
- YARA signature and IOC database for my scanners and tools (☆ 2,442, updated 3 weeks ago)
- A repository of sysmon configuration modules (☆ 2,621, updated 3 weeks ago)
- Rapidly Search and Hunt through Windows Forensic Artefacts (☆ 2,715, updated 3 weeks ago)
- Adversary Emulation Framework (☆ 8,239, updated this week)
- Cortex: a Powerful Observable Analysis and Active Response Engine (☆ 1,318, updated 2 months ago)
- ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️ (☆ 3,595, updated 2 months ago)
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts) (☆ 6,921, updated this week)
- IntelOwl: manage your Threat Intelligence at scale (☆ 3,754, updated this week)