☆38Nov 20, 2025Updated 3 months ago
Alternatives and similar repositories for suricata-analytics
Users that are interested in suricata-analytics are comparing it to the libraries listed below
Sorting:
- The Security Analyst’s Guide to Suricata☆61Apr 28, 2025Updated 10 months ago
- ☆21May 1, 2025Updated 10 months ago
- provides a Suricata Eve output for Kafka with Suricate Eve plugin☆15Nov 25, 2021Updated 4 years ago
- Full packet capture with flow cutoff, rotation, and compression☆15Sep 18, 2018Updated 7 years ago
- Go implementation of the Community ID flow hashing standard☆21Apr 17, 2025Updated 10 months ago
- Suricata rule and intel index☆33Jan 13, 2026Updated last month
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆37Nov 9, 2022Updated 3 years ago
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic☆12May 4, 2021Updated 4 years ago
- A Python implementation of the Community ID flow hashing standard☆23Nov 29, 2023Updated 2 years ago
- Passive DNS server interface compliant to "Common Output Format"☆10Sep 19, 2016Updated 9 years ago
- Dockerized Zeek☆12Mar 9, 2024Updated last year
- ☆10Jun 2, 2020Updated 5 years ago
- Kaze's openly available CVE vulnerability data.☆16Apr 7, 2025Updated 10 months ago
- Extensions for Zeek's Intelligence Framework.☆11Mar 1, 2022Updated 4 years ago
- Quickly generate suricata rules for IOCs☆28Apr 30, 2021Updated 4 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆57Nov 20, 2025Updated 3 months ago
- Ansible role skeleton used for new cloud alchemy roles☆15May 11, 2022Updated 3 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Jan 29, 2020Updated 6 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆56Feb 13, 2026Updated 2 weeks ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- Repository to provide files related to our blog articles.☆16May 26, 2025Updated 9 months ago
- Cyber threat intelligence crates for Rust☆16Jan 22, 2024Updated 2 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen☆17Apr 11, 2024Updated last year
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆16Apr 23, 2025Updated 10 months ago
- Python libary to normalize Yara signatures☆19Oct 9, 2020Updated 5 years ago
- ☆14Aug 1, 2025Updated 7 months ago
- Application and service identification rules for Suricata☆19Nov 7, 2022Updated 3 years ago
- A curated list of awesome things related to Suricata☆221Nov 21, 2025Updated 3 months ago
- ☆45Nov 18, 2025Updated 3 months ago
- Python for Defenders Course Resources☆20Aug 7, 2025Updated 6 months ago
- Statistics parsing for suricata☆18Nov 14, 2013Updated 12 years ago
- High resolution traffic measurement tool for Linux written in Go☆19Jul 28, 2019Updated 6 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆118Jan 22, 2026Updated last month
- Create mails showing your configuration drift from an ansible repo☆19Jan 3, 2026Updated 2 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆24Oct 9, 2024Updated last year
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23May 6, 2016Updated 9 years ago
- A string_view implementation that can remember if it was a c-string once☆20Nov 16, 2020Updated 5 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- Build Automated Machine Images for MISP☆29Jun 9, 2023Updated 2 years ago