satta / awesome-suricata
A curated list of awesome things related to Suricata
☆159 · Updated 3 weeks ago
Alternatives and similar repositories for awesome-suricata:
Users who are interested in awesome-suricata are comparing it to the repositories listed below
- Suricata rules for network anomaly detection ☆156 · Updated 2 weeks ago
- Zeek-Formatted Threat Intelligence Feeds ☆358 · Updated this week
- Standard-Format Threat Intelligence Feeds ☆112 · Updated this week
- The Security Analyst’s Guide to Suricata ☆55 · Updated 10 months ago
- Open source endpoint agent providing host information to Zeek. [v2] ☆79 · Updated 5 months ago
- OpenCTI Docker deployment helpers ☆177 · Updated this week
- A ruleset to enhance the detection capabilities of OSSEC using Sysmon ☆91 · Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆149 · Updated 3 weeks ago
- SIEM Tactics, Techniques, and Procedures ☆616 · Updated last month
- Sagan is a multi-threaded, high-performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th… ☆166 · Updated this week
- A curated list of awesome things related to TheHive & Cortex ☆177 · Updated 3 years ago
- Resources To Learn And Understand SIGMA Rules ☆174 · Updated 2 years ago
- Threat Hunting queries for various attacks ☆230 · Updated this week
- Incident Response - Fast suspicious file finder ☆241 · Updated 2 years ago
- Indicators of Compromise ☆189 · Updated last week
- Rules generated from our investigations. ☆193 · Updated last week
- This project is a SIEM with SIRP and Threat Intel, all in one. ☆430 · Updated 4 months ago
- Anything Sysmon related from the MSTIC R&D team ☆151 · Updated 9 months ago
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… ☆347 · Updated this week
- Docker configurations for TheHive, Cortex and 3rd party tools ☆119 · Updated 2 years ago
- An awesome list of resources on deception-based security with honeypots and honeytokens ☆171 · Updated 3 months ago
- OpenCTI Connectors ☆427 · Updated this week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆392 · Updated last week
- Threat Intel Platform for T-POTs ☆144 · Updated 2 weeks ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆146 · Updated last month
- Collection of Jupyter Notebooks by @fr0gger_ ☆159 · Updated last week
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… ☆143 · Updated 7 months ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT… ☆483 · Updated 2 weeks ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. ☆166 · Updated last week