satta / awesome-suricataLinks
A curated list of awesome things related to Suricata
☆193Updated 6 months ago
Alternatives and similar repositories for awesome-suricata
Users that are interested in awesome-suricata are comparing it to the libraries listed below
Sorting:
- Suricata rules for network anomaly detection☆170Updated 5 months ago
- Standard-Format Threat Intelligence Feeds☆122Updated this week
- Zeek-Formatted Threat Intelligence Feeds☆376Updated last week
- Indicators of Compromise☆219Updated last month
- OpenCTI Docker deployment helpers☆203Updated this week
- This project is a SIEM with SIRP and Threat Intel, all in one.☆461Updated 10 months ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆430Updated last week
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆187Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆95Updated 3 years ago
- SIEM Tactics, Techiques, and Procedures☆663Updated last month
- Docker configurations for TheHive, Cortex and 3rd party tools☆126Updated 2 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆85Updated 2 weeks ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆605Updated last month
- Threat Hunting queries for various attacks☆239Updated this week
- A curated list of Awesome Threat Intelligence blogs☆75Updated 2 years ago
- An awesome list of resources on deception-based security with honeypots and honeytokens☆176Updated 8 months ago
- Collection of tool you need to have in your Endpoint Detection and Response arsenal☆105Updated last year
- The Security Analyst’s Guide to Suricata☆58Updated 4 months ago
- The Sigma command line interface based on pySigma☆159Updated 3 weeks ago
- OpenCTI Connectors☆476Updated this week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆200Updated this week
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆383Updated last week
- Automated YARA Rule Standardization and Quality Assurance Tool☆241Updated 2 weeks ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆160Updated 7 months ago
- A production ready Dockered MISP☆280Updated this week
- Incident Response - Fast suspicious file finder☆244Updated 3 years ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆130Updated last year
- Import CrowdStrike Threat Intelligence into your instance of MISP☆48Updated 3 months ago
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…☆467Updated 2 weeks ago
- ☆58Updated this week