klingerko / nids-rule-library

Related projects: ⓘ

• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆40Updated 5 years ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆98Updated 3 years ago
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆152Updated 3 weeks ago
• AlkenePan / awesome-bro
  Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
  ☆31Updated 4 years ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆61Updated this week
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆28Updated last month
• cyware-labs / Threat-Response-Docker
  ☆43Updated last year
• sudohyak / suricata-rules
  Suricata rules for the new critical vulnerabilities
  ☆79Updated 3 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆68Updated 4 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆60Updated 4 months ago
• jakewarren / suricata-rule-generator
  Quickly generate suricata rules for IOCs
  ☆28Updated 3 years ago
• jbaggs / anomalous-dns
  A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.
  ☆34Updated 4 months ago
• advanced-threat-research / Ripple-20-Detection-Logic
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆11Updated 3 years ago
• digitalbond / Quickdraw-Suricata
  A set of ICS IDS rules for use with Suricata.
  ☆45Updated 11 months ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆142Updated 6 months ago
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆99Updated this week
• StamusNetworks / suricata-4-analysts
  The Security Analyst’s Guide to Suricata
  ☆49Updated 3 months ago
• lion-gu / ioc-explorer
  Explore Indicators of Compromise Automatically
  ☆94Updated 4 years ago
• mole-ids / mole
  Yara powered NIDS with high speed packet capture powered by PF_RING
  ☆66Updated 4 months ago
• Center-Sun / suricata-kafka-output
  provides a Suricata Eve output for Kafka with Suricate Eve plugin
  ☆14Updated 2 years ago
• ozuriexv / SublimeSuricata
  ☆35Updated 9 months ago
• tatsuiman / malware-traffic-analysis.net
  Download pcap files from http://www.malware-traffic-analysis.net/
  ☆73Updated 6 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• xisafe / suricata-rule
  suricata IDS的规则，测试在用的，部分自写的规则视情况放出。
  ☆17Updated 5 years ago
• zeek / zeek-af_packet-plugin
  Plugin providing native AF_Packet support for Zeek.
  ☆33Updated 5 months ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆100Updated 2 years ago
• bhdresh / SnortRules
  This is an open source Snort rules repository
  ☆30Updated 2 years ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆74Updated this week
• malicialab / iocsearcher
  A library and command line tool for extracting indicators of compromise (IOCs) from security reports in PDF, HTML, or text formats
  ☆25Updated this week
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆25Updated 6 months ago