Alternatives and similar repositories for suricata-rules:

Users that are interested in suricata-rules are comparing it to the libraries listed below

• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• 3CORESec / AWS-Mirror-Toolkit
  A set of tools and procedures for automating NSM and NIDS deployments in AWS
  ☆16Updated 4 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 3 months ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆54Updated 7 months ago
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆28Updated 7 years ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 4 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated last year
• c2defense / windows-event-collection
  Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model
  ☆12Updated 4 years ago
• swimlane / CLAW
  A packer utility to create and capture DFIR Image for use AWS & Azure
  ☆15Updated 5 years ago
• deeso / fleet-deployment
  ☆15Updated 5 years ago
• OTRF / openhunt
  ☆33Updated 3 years ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• defensivedepth / Sysmon_OSSEC
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Updated 9 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆53Updated 4 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• Alir3z4 / ansible-suricata
  An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.
  ☆15Updated 3 years ago
• CyberSift / OSQUERY-PACKS
  Osquery Packs we use for customer security hardening
  ☆12Updated 4 months ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 3 years ago
• ajackal / ir_scripts
  incident response scripts
  ☆19Updated 5 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated 2 years ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 4 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆20Updated 2 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• StamusNetworks / surimisp
  Check IOC provided by a MISP instance on Suricata events
  ☆17Updated 5 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• mohlcyber / MISP-STIX-ESM
  Exports MISP events to STIX and ingest into McAfee ESM
  ☆15Updated 5 years ago
• sans-blue-team / sec455-wiki
  ☆29Updated 6 years ago
• MISP / misp-compliance
  Legal, procedural and policies document templates for operating MISP and information sharing communities
  ☆37Updated 2 years ago