satta / awesome-suricata
A curated list of awesome things related to Suricata
☆131Updated 4 months ago
Related projects
Alternatives and complementary repositories for awesome-suricata
- Suricata rules for network anomaly detection☆153Updated 2 months ago
- The Security Analyst’s Guide to Suricata☆51Updated 5 months ago
- OpenCTI Docker deployment helpers☆159Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆86Updated 2 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆65Updated 3 weeks ago
- Standard-Format Threat Intelligence Feeds☆101Updated this week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆143Updated this week
- Zeek-Formatted Threat Intelligence Feeds☆343Updated this week
- Sagan is a multi-threaded, high performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th…☆159Updated this week
- Threat Intel Platform for T-POTs☆134Updated last week
- Rules generated from our investigations.☆188Updated 2 weeks ago
- A curated list of awesome things related to TheHive & Cortex☆172Updated 3 years ago
- Sigma rule specification☆111Updated this week
- Docker image for Velocidex Velociraptor☆113Updated 4 months ago
- Signatures and IoCs from public Volexity blog posts.☆315Updated 3 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆466Updated this week
- This project is a SIEM with SIRP and Threat Intel, all in one.☆410Updated 9 months ago
- Incident Response - Fast suspicious file finder☆232Updated 2 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆105Updated 2 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆113Updated last year
- SIEGMA - Transform Sigma rules into SIEM consumables☆141Updated last year
- SIEM Tactics, Techniques, and Procedures☆585Updated 3 weeks ago
- A production ready Dockered MISP☆166Updated this week
- Indicators of Compromise☆171Updated this week
- The Sigma command line interface based on pySigma☆135Updated 3 months ago
- Zeek Log Cheatsheets☆285Updated 2 years ago
- Docker image for MISP☆115Updated last week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆129Updated this week
- Suricata Verification Tests - Testing Suricata Output☆102Updated this week
- An awesome list of resources on deception-based security with honeypots and honeytokens☆159Updated last year