satta / awesome-suricataLinks
A curated list of awesome things related to Suricata
☆202Updated 7 months ago
Alternatives and similar repositories for awesome-suricata
Users that are interested in awesome-suricata are comparing it to the libraries listed below
Sorting:
- Standard-Format Threat Intelligence Feeds☆124Updated this week
- Indicators of Compromise☆227Updated this week
- Suricata rules for network anomaly detection☆174Updated last week
- OpenCTI Docker deployment helpers☆210Updated this week
- Zeek-Formatted Threat Intelligence Feeds☆379Updated last week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆436Updated this week
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆188Updated 3 weeks ago
- A curated list of Awesome Threat Intelligence Blogs☆459Updated 3 weeks ago
- SIEM Tactics, Techiques, and Procedures☆674Updated 3 weeks ago
- Open source endpoint agent providing host information to Zeek. [v2]☆86Updated this week
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆388Updated last week
- A curated list of Awesome Threat Intelligence blogs☆85Updated 2 years ago
- The Sigma command line interface based on pySigma☆161Updated 2 months ago
- OpenCTI Connectors☆482Updated last week
- This project is a SIEM with SIRP and Threat Intel, all in one.☆463Updated 11 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆164Updated 3 weeks ago
- Threat Hunting queries for various attacks☆239Updated this week
- Awesome list of keywords and artifacts for Threat Hunting sessions☆611Updated 2 months ago
- Incident Response - Fast suspicious file finder☆245Updated 3 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆94Updated 3 years ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆127Updated 2 years ago
- An awesome list of resources on deception-based security with honeypots and honeytokens☆177Updated 10 months ago
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…☆484Updated last week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆405Updated last month
- Automated YARA Rule Standardization and Quality Assurance Tool☆249Updated last week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆206Updated last week
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆523Updated 5 months ago
- Collection of tool you need to have in your Endpoint Detection and Response arsenal☆108Updated last year
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…☆235Updated 3 weeks ago
- A curated repository of incident response playbooks☆104Updated 2 years ago