Alternatives and similar repositories for rules:

Users that are interested in rules are comparing it to the libraries listed below

• OwlH-net / OwlH-UI
  OwlH Master API Web User Interface
  ☆12Updated 10 months ago
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆109Updated 11 months ago
• mrash / fwsnort
  Application Layer IDS/IPS with iptables
  ☆75Updated 6 years ago
• greenbone / openvas-smb
  SMB module for OpenVAS Scanner
  ☆50Updated 2 months ago
• StamusNetworks / KTS6
  Kibana 6 Templates for Suricata IDPS Threat Hunting
  ☆24Updated 6 years ago
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆156Updated last week
• dmachard / blocklist-domains
  Unified blocklist of ads/tracking/malware domains. Daily update
  ☆22Updated this week
• xplico / CapAnalysis
  CapAnalysis source code repository
  ☆86Updated 6 years ago
• abusech / URLhaus
  Open platform for sharing malware distribution sites
  ☆40Updated 4 months ago
• Homas / ioc2rpz
  ioc2rpz is a place where threat intelligence meets DNS.
  ☆109Updated 2 months ago
• zeek / zeek-docs
  Documentation for Zeek
  ☆50Updated this week
• cowrie / docker-cowrie
  Cowrie Docker GitHub repository
  ☆82Updated 3 years ago
• opnsense / installer
  OPNsense installer v2
  ☆27Updated 2 months ago
• OISF / suricata-trafficid
  Application and service identification rules for Suricata
  ☆18Updated 2 years ago
• Graylog2 / graylog-guide-snort
  How to send structured Snort IDS alert logs into Graylog
  ☆27Updated last year
• DynamiteAI / dynamite-nsm
  DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…
  ☆170Updated last year
• librenms / packer-builds
  This repo is where virtual images are created and stored
  ☆73Updated last year
• Cisco-Talos / snort2-docker
  ☆13Updated 3 years ago
• OwlH-net / OwlH-Master
  OwlH Master API
  ☆24Updated 10 months ago
• hectorm / hblock-resolver
  A Docker image of Knot DNS Resolver with hBlock.
  ☆31Updated last week
• shadonet / pfSense-pkg-zeek
  Zeek (formerly Bro) Network Security Monitor package for pfSense router/firewall
  ☆44Updated 3 years ago
• 0xbad53c / wazuh-detection-rules
  Our collection of Wazuh detection rules for our Offense Lab
  ☆14Updated 3 years ago
• robcowart / synesis_lite_snort
  Snort IDS/IPS log analytics using the Elastic Stack.
  ☆86Updated 3 years ago
• NavyTitanium / DNSMasterChef
  Selective DNS proxy forwarding based on DNS threat blocking providers intelligence.
  ☆57Updated 7 years ago
• B0fH / yara-suricata
  A Yara Lua output script for Suricata
  ☆19Updated 5 years ago
• cloudfence / opnsense-wazuh
  Tools to integrate 2 great security tools OPNsense and Wazuh
  ☆30Updated 3 years ago
• OPNids / core
  OPNids GUI, API and systems backend
  ☆34Updated 5 years ago
• StamusNetworks / KTS7
  Kibana 7 Templates for Suricata IDPS Threat Hunting
  ☆40Updated 2 years ago
• tg12 / pihole-phishtank-list
  A blocklist for Pihole from PhishTank
  ☆28Updated last year
• Netgate / TNSR_IDS
  IDS using a port mirror, Snort and an alert -> RESTCONF utility
  ☆36Updated 10 months ago