Security-Onion-Solutions / securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
☆4,335 · Updated this week
Alternatives and similar repositories for securityonion
Users that are interested in securityonion are comparing it to the libraries listed below
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… (☆2,334 · Updated 2 weeks ago)
- Digging Deeper.... (☆3,747 · Updated last week)
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial version (☆3,880 · Updated 6 months ago)
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform (☆6,123 · Updated this week)
- A Suricata based NDR distribution (☆1,590 · Updated 5 months ago)
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. (☆2,183 · Updated this week)
- Web app that provides basic navigation and annotation of ATT&CK matrices (☆2,321 · Updated this week)
- Automated Adversary Emulation Platform (☆6,733 · Updated this week)
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management (☆3,108 · Updated 4 years ago)
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… (☆2,514 · Updated last month)
- Loki - Simple IOC and YARA Scanner (☆3,715 · Updated last month)
- Cortex: a Powerful Observable Analysis and Active Response Engine (☆1,545 · Updated 2 months ago)
- Modular and decentralised honeypot (☆2,760 · Updated last week)
- Open Cyber Threat Intelligence Platform (☆8,164 · Updated last week)
- This repository contains the scanner component for Greenbone Community Edition. (☆4,405 · Updated last week)
- Open EDR public repository (☆2,604 · Updated 2 years ago)
- Open Source Vulnerability Management Platform (☆6,255 · Updated 2 weeks ago)
- A curated list of awesome YARA rules, tools, and people. (☆4,136 · Updated 10 months ago)
- Investigate malicious Windows logon by visualizing and analyzing Windows event log (☆3,049 · Updated 3 months ago)
- 🍯 T-Pot - The All In One Multi Honeypot Platform 🐝 (☆8,730 · Updated 2 weeks ago)
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OIS… (☆6,000 · Updated this week)
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. (☆3,014 · Updated last week)
- Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. (☆7,463 · Updated this week)
- Main Sigma Rule Repository (☆10,109 · Updated this week)
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh… (☆3,531 · Updated 3 weeks ago)
- OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, roo…