Rule sets for Sagan
☆106 · Jan 7, 2021 · Updated 5 years ago
Alternatives and similar repositories for sagan-rules
Users that are interested in sagan-rules are comparing it to the libraries listed below.
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan ☆229 · Feb 9, 2021 · Updated 5 years ago
- CyLR - Live Response Collection Tool ☆10 · Jul 14, 2020 · Updated 5 years ago
- Bro Intel Feed Linter ☆26 · Aug 30, 2019 · Updated 6 years ago
- Package build sources for building rsyslog Ubuntu packages ☆24 · Mar 3, 2026 · Updated 2 weeks ago
- Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways. ☆98 · Oct 21, 2014 · Updated 11 years ago
- Detect Phishing with Bro IDS ☆18 · Feb 1, 2017 · Updated 9 years ago
- ☆35 · Mar 12, 2026 · Updated last week
- Snort in Docker for Network Functions Virtualization (NFV) ☆108 · Apr 29, 2019 · Updated 6 years ago
- Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted. ☆13 · Jun 28, 2013 · Updated 12 years ago
- Scripts targeting specific families ☆13 · Jul 3, 2017 · Updated 8 years ago
- Yara rules I've written ☆10 · Dec 9, 2015 · Updated 10 years ago
- Simple Event Correlator ruleset repository ☆31 · Nov 19, 2021 · Updated 4 years ago
- Uses es_stats to report Elasticsearch cluster and node metrics to Zabbix ☆11 · Oct 30, 2018 · Updated 7 years ago
- A "safe way" to do man-in-the-middle attack test, without using ARP attack. ☆10 · Jun 2, 2021 · Updated 4 years ago
- ☆16 · Jun 27, 2017 · Updated 8 years ago
- Extensions for Zeek's Intelligence Framework. ☆11 · Mar 1, 2022 · Updated 4 years ago
- Web Interface Portal & Security Threat Engine for REMnux ☆24 · Aug 1, 2016 · Updated 9 years ago
- A Yara Lua output script for Suricata ☆20 · Apr 7, 2019 · Updated 6 years ago
- Examples for the CyCLI Powershell module ☆12 · Mar 8, 2019 · Updated 7 years ago
- Set of scripts to index PCAP files and retrieve packets ☆14 · Sep 10, 2015 · Updated 10 years ago
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec… ☆28 · Apr 18, 2018 · Updated 7 years ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search ☆485 · Updated this week
- Attack Detection ☆1,360 · Aug 31, 2022 · Updated 3 years ago
- CVE, reports, research ☆15 · Mar 17, 2021 · Updated 5 years ago
- Search engine for web assets ☆55 · May 27, 2017 · Updated 8 years ago
- Quickly generate snort rules for IOCs ☆18 · Oct 21, 2015 · Updated 10 years ago
- CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated) ☆21 · Sep 26, 2019 · Updated 6 years ago
- Honeynet Project generic authenticated datafeed protocol ☆19 · Jun 12, 2019 · Updated 6 years ago
- Cuckoo Sandbox Local Maltego Transforms Project ☆49 · Jul 2, 2014 · Updated 11 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆53 · Jul 27, 2022 · Updated 3 years ago
- SaltStack formula for deploying Cuckoo Sandbox ☆14 · Nov 27, 2018 · Updated 7 years ago
- An LLM and OCR based Indicator of Compromise Extraction Tool ☆38 · Dec 4, 2024 · Updated last year
- OVAL For CentOS ☆25 · Jan 18, 2022 · Updated 4 years ago
- Add POST body excerpt to Bro's HTTP log ☆14 · Dec 10, 2025 · Updated 3 months ago
- Tool for managing Zeek deployments. ☆60 · Mar 12, 2026 · Updated last week
- You can access the sigma rules to detect malicious activities. It is organized by Mitre Att&ck categories. ☆13 · Feb 7, 2022 · Updated 4 years ago
- The Auditd Framework logs and applies security policy to linux auditd data ☆15 · Jan 26, 2018 · Updated 8 years ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets. ☆28 · Oct 13, 2024 · Updated last year
- ioc2rpz webgui ☆17 · Feb 13, 2026 · Updated last month