michalpurzynski / suricata-rules

Related projects ⓘ

Alternatives and complementary repositories for suricata-rules

• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆28Updated 6 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• 3CORESec / AWS-Mirror-Toolkit
  A set of tools and procedures for automating NSM and NIDS deployments in AWS
  ☆16Updated 4 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆20Updated 2 years ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 5 years ago
• socprime / socprime_sigma
  List of sigma for a variety of threats for multiple log sources.
  ☆11Updated 5 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆15Updated 3 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆37Updated last year
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆53Updated 3 years ago
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 4 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆14Updated 4 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆24Updated 4 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆34Updated 5 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆52Updated last week
• REMnux / salt-states
  This repository maintains the SaltStack state files for the REMnux distro.
  ☆39Updated last week
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• HASecuritySolutions / elastic_stack
  ☆34Updated 3 years ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆12Updated 3 months ago
• MISP / threat-actor-intelligence-server
  A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…
  ☆47Updated 11 months ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago