ossec / ossec-hids
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
☆4,619Updated last month
Alternatives and similar repositories for ossec-hids:
Users that are interested in ossec-hids are comparing it to the libraries listed below
- Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.☆6,663Updated this week
- Arkime is an open source, large scale, full packet capturing, indexing, and database system.☆6,520Updated this week
- Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OIS…☆4,976Updated this week
- GRR Rapid Response: remote live forensics for incident response☆4,842Updated this week
- DEPRECATED - MozDef: Mozilla Enterprise Defense Platform☆2,166Updated 3 years ago
- A network sniffer that logs all DNS server replies for use in a passive DNS setup☆1,686Updated 8 months ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆5,611Updated 2 years ago
- Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management☆3,083Updated 3 years ago
- A Suricata based IDS/IPS/NSM distro☆1,507Updated 6 months ago
- Snort++☆2,732Updated this week
- Modern Honey Network☆2,445Updated 2 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,510Updated 7 months ago
- Open Source Vulnerability Management Platform☆5,198Updated 3 weeks ago
- TheHive: a Scalable, Open Source and Free Security Incident Response Platform☆3,558Updated 2 years ago
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.☆11,743Updated this week
- The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file s…☆2,719Updated this week
- Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own in…☆3,539Updated this week
- Malicious traffic detection system☆6,765Updated this week
- Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run yo…☆3,627Updated last week
- Loki - Simple IOC and YARA Scanner☆3,467Updated 2 months ago
- The pattern matching swiss knife☆8,542Updated last week
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform☆5,528Updated this week
- Repository of yara rules☆4,287Updated 10 months ago
- ☆3,515Updated 11 months ago
- This repository contains the scanner component for Greenbone Community Edition.☆3,608Updated this week
- Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and sys…☆13,838Updated last week
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆4,600Updated 4 years ago
- Automated Adversary Emulation Platform☆5,860Updated this week
- Fast Incident Response☆1,788Updated last week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆2,830Updated 8 months ago