klingerko / nids-rule-library
Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)
☆19Updated last year
Related projects: ⓘ
- zeek-scripts☆40Updated 5 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆98Updated 3 years ago
- Suricata rules for network anomaly detection☆152Updated 3 weeks ago
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Updated 4 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆61Updated this week
- Suricata rule and intel index☆28Updated last month
- ☆43Updated last year
- Suricata rules for the new critical vulnerabilities☆79Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK☆68Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆60Updated 4 months ago
- Quickly generate suricata rules for IOCs☆28Updated 3 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆34Updated 4 months ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures☆11Updated 3 years ago
- A set of ICS IDS rules for use with Suricata.☆45Updated 11 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆142Updated 6 months ago
- Suricata Verification Tests - Testing Suricata Output☆99Updated this week
- The Security Analyst’s Guide to Suricata☆49Updated 3 months ago
- Explore Indicators of Compromise Automatically☆94Updated 4 years ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆66Updated 4 months ago
- provides a Suricata Eve output for Kafka with Suricate Eve plugin☆14Updated 2 years ago
- ☆35Updated 9 months ago
- Download pcap files from http://www.malware-traffic-analysis.net/☆73Updated 6 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆32Updated 2 years ago
- suricata IDS的规则,测试在用的,部分自写的规则视情况放出。☆17Updated 5 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Updated 5 months ago
- How to Zeek Sysmon Logs!☆100Updated 2 years ago
- This is an open source Snort rules repository☆30Updated 2 years ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆74Updated this week
- A library and command line tool for extracting indicators of compromise (IOCs) from security reports in PDF, HTML, or text formats☆25Updated this week
- Pure python parser for Snort/Suricata rules.☆25Updated 6 months ago