m-chrome / py-suricataparser

Related projects ⓘ

Alternatives and complementary repositories for py-suricataparser

• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆29Updated last month
• COSSAS / dgad
  DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
  ☆38Updated 3 months ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆68Updated 4 years ago
• cedricbonhomme / pyHIDS
  A HIDS (host-based intrusion detection system) for verifying the integrity of a system.
  ☆57Updated 3 months ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆64Updated last week
• PaloAltoNetworks / pyjarm
  pyJARM is a library for doing JARM fingerprinting using python
  ☆50Updated 3 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• klingerko / nids-rule-library
  Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)
  ☆20Updated last year
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• AlkenePan / awesome-bro
  Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))
  ☆31Updated 4 years ago
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 2 months ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• mmguero-dev / Malcolm-PCAP
  A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online.
  ☆32Updated this week
• 0xrawsec / gene-rules
  ☆39Updated 2 years ago
• theY4Kman / parsuricata
  Parse Suricata rules
  ☆13Updated last year
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated 9 months ago
• vmapps / attack2neo
  Import Mitre Att&ck into Neo4j database
  ☆33Updated last year
• lprat / static_file_analysis
  Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
  ☆49Updated last year
• wrayjustin / yaids
  YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (…
  ☆22Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆41Updated last year
• SimoneCagol / sigma-rules-crawler
  ☆29Updated this week
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆29Updated 4 years ago
• zeek / zeek-af_packet-plugin
  Plugin providing native AF_Packet support for Zeek.
  ☆33Updated 7 months ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• thongsia / Public-Pcaps
  ☆44Updated 6 years ago
• stratosphereips / zeek_anomaly_detector
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆74Updated 3 months ago
• CybercentreCanada / assemblyline-service-cuckoo
  Assemblyline 4 Malware detonation service (Cuckoo)
  ☆18Updated 9 months ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆54Updated last year
• EmergingThreats / log4shell-detection
  ☆12Updated 2 years ago