Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆3,462 · Updated this week
Alternatives and similar repositories for securityonion:
Users interested in securityonion also compare it with the repositories listed below.
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,507 · Updated 6 months ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆2,035 · Updated last week
- A curated list of awesome YARA rules, tools, and people.☆3,661 · Updated 2 months ago
- Automated Adversary Emulation Platform☆5,804 · Updated this week
- Digging Deeper....☆3,069 · Updated this week
- ✨ A curated list of awesome threat detection and hunting resources 🕵️♂️☆3,981 · Updated 6 months ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆2,046 · Updated last week
- Main Sigma Rule Repository☆8,639 · Updated last week
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform☆3,523 · Updated 2 years ago
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management☆3,085 · Updated 3 years ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform☆5,488 · Updated this week
- Loki - Simple IOC and YARA Scanner☆3,450 · Updated 2 months ago
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,367 · Updated 3 months ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆2,810 · Updated 7 months ago
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,682 · Updated 6 months ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,094 · Updated 11 months ago
- YARA signature and IOC database for my scanners and tools☆2,530 · Updated this week
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po…☆3,073 · Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,010 · Updated last month
- Six Degrees of Domain Admin☆10,012 · Updated 7 months ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆10,089 · Updated this week
- Open EDR public repository☆2,337 · Updated last year
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,283 · Updated 9 months ago
- Modular and decentralised honeypot☆2,383 · Updated 2 months ago
- The Hunting ELK☆3,789 · Updated 7 months ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,505 · Updated last year
- A repository of sysmon configuration modules☆2,707 · Updated 5 months ago
- A Suricata based IDS/IPS/NSM distro☆1,503 · Updated 5 months ago
- This repository contains the scanner component for Greenbone Community Edition.☆3,565 · Updated this week