jasonish / eveboxLinks
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
☆458Updated last week
Alternatives and similar repositories for evebox
Users that are interested in evebox are comparing it to the libraries listed below
Sorting:
- Scirius is a web application for Suricata ruleset management and threat hunting.☆651Updated 2 weeks ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆478Updated last week
- Suricata IDS/IPS log analytics using the Elastic Stack.☆238Updated 3 years ago
- Suricata Extreme Performance Tuning guide☆209Updated 7 years ago
- The tool for updating your Suricata rules.☆271Updated last month
- Suricata Extreme Performance Tuning guide - Mark II☆117Updated 7 years ago
- A Suricata Docker image.☆283Updated 2 months ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated 2 years ago
- A Suricata based IDS/IPS/NSM distro☆1,536Updated 9 months ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆792Updated 4 years ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆281Updated last year
- Passive Real-time Asset Detection System☆238Updated last year
- Pulled Pork for Snort and Suricata rule management (from Google code)☆434Updated 3 years ago
- Security event correlation engine for ELK stack☆439Updated 11 months ago
- a network packet capture compiler☆199Updated 3 years ago
- Wazuh - Ruleset☆448Updated 8 months ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆408Updated this week
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆110Updated last year
- Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS☆183Updated 2 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆453Updated last year
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan☆228Updated 4 years ago
- psad: Intrusion Detection and Log Analysis with iptables☆401Updated last year
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…☆541Updated last month
- Suricata rules for network anomaly detection☆164Updated last month
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- Suricata Verification Tests - Testing Suricata Output☆108Updated this week
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆178Updated 8 months ago
- Alienvault ossim☆123Updated 3 months ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆437Updated last year