jasonish / evebox
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
☆452Updated this week
Alternatives and similar repositories for evebox:
Users that are interested in evebox are comparing it to the libraries listed below
- Scirius is a web application for Suricata ruleset management and threat hunting.☆646Updated 3 months ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆473Updated 2 months ago
- Suricata IDS/IPS log analytics using the Elastic Stack.☆238Updated 3 years ago
- The tool for updating your Suricata rules.☆266Updated 3 months ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆281Updated last year
- Suricata Extreme Performance Tuning guide☆207Updated 7 years ago
- A Suricata based IDS/IPS/NSM distro☆1,518Updated 7 months ago
- Passive Real-time Asset Detection System☆235Updated 10 months ago
- A Suricata Docker image.☆277Updated last week
- Pulled Pork for Snort and Suricata rule management (from Google code)☆432Updated 3 years ago
- a network packet capture compiler☆198Updated 2 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆392Updated this week
- ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan☆228Updated 4 years ago
- Security event correlation engine for ELK stack☆436Updated 9 months ago
- Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS☆184Updated 2 years ago
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆453Updated last year
- Suricata rules for network anomaly detection☆156Updated 2 weeks ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆787Updated 4 years ago
- Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.☆353Updated 11 months ago
- Super Next generation Advanced Reactive honEypot☆461Updated 9 months ago
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…☆538Updated last year
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆434Updated last year
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆109Updated 11 months ago
- psad: Intrusion Detection and Log Analysis with iptables☆396Updated last year
- Suricata Verification Tests - Testing Suricata Output☆105Updated this week
- Wazuh - Ruleset☆438Updated 6 months ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Web service for scanning pcaps with snort☆108Updated 6 years ago