Alternatives and similar repositories for ossim

Users that are interested in ossim are comparing it to the libraries listed below

• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆477Updated 4 months ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆81Updated 3 weeks ago
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆43Updated 6 years ago
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆110Updated last year
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆271Updated last month
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• sudohyak / suricata-rules
  Suricata rules for the new critical vulnerabilities
  ☆82Updated 4 years ago
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆162Updated last month
• apache / metron-bro-plugin-kafka
  Apache Metron
  ☆59Updated 4 years ago
• wazuh / wazuh-splunk
  Wazuh - Splunk App
  ☆53Updated 8 months ago
• digitalbond / Quickdraw-Snort
  Digital Bond's IDS/IPS rules for ICS and ICS protocols.
  ☆144Updated 4 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆103Updated 3 years ago
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆457Updated last week
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• wazuh / wazuh-api
  Wazuh - RESTful API
  ☆73Updated 8 months ago
• defenxor / dsiem
  Security event correlation engine for ELK stack
  ☆440Updated 10 months ago
• SeisoLLC / zeek-kafka
  A Zeek log writer plugin that publishes to Kafka.
  ☆47Updated 4 months ago
• robcowart / synesis_lite_suricata
  Suricata IDS/IPS log analytics using the Elastic Stack.
  ☆238Updated 3 years ago
• quadrantsec / sagan
  Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…
  ☆168Updated last month
• Elemental-attack / Elemental
  Elemental - An ATT&CK Threat Library
  ☆317Updated 2 years ago
• digitalbond / Quickdraw-Suricata
  A set of ICS IDS rules for use with Suricata.
  ☆50Updated last year
• bro / bro
  Mirror of https://github.com/zeek/zeek
  ☆175Updated 2 years ago
• mitre / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆58Updated 5 years ago
• gamelinux / prads
  Passive Real-time Asset Detection System
  ☆237Updated 11 months ago
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆54Updated last year
• akky2892 / Sigma-to
  Sigma is Generic Signature Format for SIEM Systems written by Florian Roth @Neo23x0 and Thomas Patzke. This repository is providing sprea…
  ☆29Updated 5 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• ossec / ossec-docs
  OSSEC Documentation
  ☆138Updated 3 months ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆107Updated this week
• lion-gu / ioc-explorer
  Explore Indicators of Compromise Automatically
  ☆94Updated 5 years ago