Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆3,712 · Updated last week
Alternatives and similar repositories for securityonion
Users that are interested in securityonion are comparing it to the libraries listed below.
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆2,127 · Updated 2 weeks ago
- A Suricata based IDS/IPS/NSM distro ☆1,536 · Updated 9 months ago
- Digging Deeper.... ☆3,277 · Updated this week
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform ☆3,672 · Updated 2 years ago
- Automated Adversary Emulation Platform ☆6,155 · Updated last week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆2,512 · Updated 10 months ago
- Loki - Simple IOC and YARA Scanner ☆3,543 · Updated 6 months ago
- A curated list of awesome YARA rules, tools, and people. ☆3,819 · Updated 2 months ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆2,891 · Updated 11 months ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆5,715 · Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,159 · Updated last month
- Modular and decentralised honeypot ☆2,488 · Updated 2 weeks ago
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆10,598 · Updated this week
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management ☆3,085 · Updated 4 years ago
- Your Everyday Threat Intelligence ☆1,860 · Updated 3 weeks ago
- YARA signature and IOC database for my scanners and tools ☆2,629 · Updated last week
- Open EDR public repository ☆2,443 · Updated last year
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,199 · Updated 4 months ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts) ☆7,600 · Updated this week
- Automate the creation of a lab environment complete with security tooling and logging best practices ☆4,759 · Updated 10 months ago
- Cortex: a Powerful Observable Analysis and Active Response Engine ☆1,429 · Updated 7 months ago
- This repository contains the scanner component for Greenbone Community Edition. ☆3,836 · Updated this week
- Open Source Vulnerability Management Platform ☆5,415 · Updated last week
- A toolset to make a system look as if it was the victim of an APT attack ☆2,601 · Updated last year
- Web app that provides basic navigation and annotation of ATT&CK matrices ☆2,145 · Updated last week
- ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️ ☆4,181 · Updated 10 months ago
- Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. ☆6,913 · Updated this week
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆2,621 · Updated last week
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv… ☆5,835 · Updated last week
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆1,953 · Updated this week