Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆3,685 · Updated this week
Alternatives and similar repositories for securityonion:
Users that are interested in securityonion are comparing it to the libraries listed below
- Digging Deeper.... ☆3,235 · Updated this week
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform ☆3,645 · Updated 2 years ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆2,111 · Updated last week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆2,509 · Updated 9 months ago
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,128 · Updated last week
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆10,523 · Updated this week
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management ☆3,087 · Updated 4 years ago
- Automated Adversary Emulation Platform ☆6,100 · Updated 2 weeks ago
- Web app that provides basic navigation and annotation of ATT&CK matrices ☆2,126 · Updated 2 weeks ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆5,679 · Updated this week
- Main Sigma Rule Repository ☆9,161 · Updated last week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆2,884 · Updated 10 months ago
- Sysmon configuration file template with default high-quality event tracing ☆4,988 · Updated 10 months ago
- A Suricata based IDS/IPS/NSM distro ☆1,529 · Updated 8 months ago
- Loki - Simple IOC and YARA Scanner ☆3,524 · Updated 5 months ago
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,184 · Updated 3 months ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… ☆4,200 · Updated last year
- Automate the creation of a lab environment complete with security tooling and logging best practices ☆4,743 · Updated 10 months ago
- Cortex: a Powerful Observable Analysis and Active Response Engine ☆1,421 · Updated 6 months ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆1,935 · Updated this week
- A curated list of awesome YARA rules, tools, and people. ☆3,788 · Updated last month
- Open Cyber Threat Intelligence Platform ☆7,259 · Updated this week
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆2,581 · Updated 2 weeks ago
- IntelOwl: manage your Threat Intelligence at scale ☆4,117 · Updated this week
- Open EDR public repository ☆2,429 · Updated last year
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts) ☆7,511 · Updated last week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… ☆2,280 · Updated this week
- This repository contains the scanner component for Greenbone Community Edition. ☆3,789 · Updated this week
- Your Everyday Threat Intelligence ☆1,847 · Updated this week
- ✨ A curated list of awesome threat detection and hunting resources 🕵️♂️ ☆4,150 · Updated 9 months ago