jasonish / evebox
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
☆455Updated 2 weeks ago
Alternatives and similar repositories for evebox:
Users that are interested in evebox are comparing it to the libraries listed below
- Scirius is a web application for Suricata ruleset management and threat hunting.☆650Updated last week
- Suricata IDS/IPS log analytics using the Elastic Stack.☆238Updated 3 years ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆474Updated 3 months ago
- The tool for updating your Suricata rules.☆270Updated 2 weeks ago
- Suricata Extreme Performance Tuning guide☆208Updated 7 years ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆281Updated last year
- a network packet capture compiler☆199Updated 2 years ago
- A Suricata based IDS/IPS/NSM distro☆1,526Updated 8 months ago
- Suricata Extreme Performance Tuning guide - Mark II☆117Updated 7 years ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆109Updated 11 months ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- Pulled Pork for Snort and Suricata rule management (from Google code)☆434Updated 3 years ago
- A Suricata Docker image.☆280Updated 3 weeks ago
- Suricata rules for network anomaly detection☆160Updated last week
- Automated deployment scripts for the RockNSM network hunting distribution.☆453Updated last year
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan☆228Updated 4 years ago
- Security event correlation engine for ELK stack☆438Updated 9 months ago
- Passive Real-time Asset Detection System☆237Updated 10 months ago
- Wazuh - Ruleset☆446Updated 7 months ago
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆168Updated 3 weeks ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆788Updated 4 years ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS☆184Updated 2 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- Rule sets for Sagan☆103Updated 4 years ago
- Web service for scanning pcaps with snort☆109Updated 6 years ago
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…☆540Updated last year
- Suricata Verification Tests - Testing Suricata Output☆106Updated this week
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆434Updated last year
- Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.☆353Updated last year