README: This repo has MOVED to https://github.com/quadrantsec/sagan
(☆229, Feb 9, 2021, updated 5 years ago)
Alternatives and similar repositories for sagan
Users interested in sagan are comparing it to the repositories listed below.
- Rule sets for Sagan (☆106, Jan 7, 2021, updated 5 years ago)
- Scirius is a web application for Suricata ruleset management and threat hunting. (☆673, Dec 23, 2025, updated 2 months ago)
- Suricata Extreme Performance Tuning guide (☆213, Mar 15, 2018, updated 7 years ago)
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search (☆485, Feb 19, 2026, updated last week)
- Security event correlation engine for ELK stack (☆448, Jun 26, 2024, updated last year)
- An open standard for hashing network flows into identifiers, a.k.a. "Community IDs". (☆195, Sep 23, 2024, updated last year)
- Pulled Pork for Snort and Suricata rule management (from Google Code) (☆442, Jul 7, 2021, updated 4 years ago)
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management (☆3,106, Apr 16, 2021, updated 4 years ago)
- Collect, Process, and Hunt with host based data from macOS, Windows, and Linux (☆505, Oct 21, 2022, updated 3 years ago)
- Scripts used to create ISO installers of ROCK for offline installation. (☆10, Mar 13, 2023, updated 2 years ago)
- Scanning alive hosts of the given CIDR range in parallel. (☆10, May 8, 2025, updated 9 months ago)
- Community-based CybergON-powered Suricata rules (☆12, Jul 5, 2022, updated 3 years ago)
- Bro scripts for the ROCK platform. http://rocknsm.io (☆34, Jul 2, 2023, updated 2 years ago)
- Rekall Forensics and Incident Response Framework with rVMI extensions (☆33, Mar 25, 2021, updated 4 years ago)
- How to Zeek Sysmon Logs! (☆103, Feb 12, 2022, updated 4 years ago)
- Simple HTTP(S) proxy with Python-based sqlmapapi wrapper (☆10, Jul 20, 2015, updated 10 years ago)
- Protocol Analysis/Decoder Framework (☆497, Dec 19, 2022, updated 3 years ago)
- Attack Detection (☆1,358, Aug 31, 2022, updated 3 years ago)
- An analytical framework for network traffic and behavioral analytics (☆456, Dec 7, 2022, updated 3 years ago)
- An open source framework for enterprise level automated analysis. (☆394, Jun 27, 2022, updated 3 years ago)
- Fast Incident Response (☆1,995, Feb 17, 2026, updated last week)
- Mapping NSM rules to MITRE ATT&CK (☆73, Aug 29, 2020, updated 5 years ago)
- Your Everyday Threat Intelligence (☆1,951, Feb 12, 2026, updated 2 weeks ago)
- Script for automating Linux memory capture and analysis (☆274, Feb 1, 2020, updated 6 years ago)
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan (☆17, Sep 4, 2021, updated 4 years ago)
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool) (☆284, Jul 10, 2025, updated 7 months ago)
- Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS (☆184, Sep 13, 2022, updated 3 years ago)
- Manticore Adversary Emulation CLI (☆47, Aug 4, 2020, updated 5 years ago)
- MITRE ATT&CK Technique Emulation (☆82, Mar 6, 2019, updated 6 years ago)
- Zeek package for tracking long connections to report them before they have completed. (☆31, Nov 25, 2025, updated 3 months ago)
- Tenzir is the data pipeline engine for security teams. (☆722, updated this week)
- Things to know when DFIR occurs near a vault deployment. (☆44, May 21, 2018, updated 7 years ago)
- Barnyard2 is a dedicated spooler for Snort's unified2 binary output format. (☆352, Apr 11, 2024, updated last year)
- Isolated, Scalable, & Lightweight Environment for Training (☆111, Jun 24, 2019, updated 6 years ago)
- Add POST body excerpt to Bro's HTTP log (☆14, Dec 10, 2025, updated 2 months ago)
- Globally distributed honeypots and HoneyNets IOCs and file reversing (☆16, Apr 22, 2024, updated last year)
- Scan-detection policies for Bro (☆16, Jan 16, 2025, updated last year)
- Web service for scanning pcaps with Snort (☆110, Jul 4, 2018, updated 7 years ago)
- Bro Intel Feed Linter (☆26, Aug 30, 2019, updated 6 years ago)