satta / awesome-suricata
A curated list of awesome things related to Suricata
☆134Updated last week
Related projects
Alternatives and complementary repositories for awesome-suricata
- Suricata rules for network anomaly detection☆153Updated 2 months ago
- The Security Analyst’s Guide to Suricata☆52Updated 5 months ago
- OpenCTI Docker deployment helpers☆159Updated this week
- Standard-Format Threat Intelligence Feeds☆101Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆86Updated 2 years ago
- Zeek-Formatted Threat Intelligence Feeds☆343Updated this week
- Sagan is a multi-threaded, high performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th…☆159Updated last week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆144Updated this week
- Incident Response - Fast suspicious file finder☆232Updated 2 years ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆362Updated this week
- Open source endpoint agent providing host information to Zeek. [v2]☆66Updated last month
- Resources To Learn And Understand SIGMA Rules☆168Updated last year
- A curated list of awesome things related to TheHive & Cortex☆173Updated 3 years ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆138Updated 2 months ago
- Signatures and IoCs from public Volexity blog posts.☆320Updated this week
- SIEM Tactics, Techniques, and Procedures☆586Updated 3 weeks ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆471Updated last week
- This project is a SIEM with SIRP and Threat Intel, all in one.☆412Updated 10 months ago
- The Sigma command line interface based on pySigma☆136Updated 3 months ago
- Import CrowdStrike Threat Intelligence into your instance of MISP☆42Updated last month
- LOKI2 - Simple IOC and YARA Scanner☆80Updated 3 months ago
- Collection of Jupyter Notebooks by @fr0gger_☆142Updated 2 months ago
- Fast IOC and YARA Scanner☆74Updated 4 years ago
- Data visualization for blue teams☆124Updated last year
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆116Updated 4 months ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆64Updated last week
- Rules generated from our investigations.☆189Updated 3 weeks ago
- Threat Intel Platform for T-POTs☆135Updated this week
- Dettectinator - The Python library for your DeTT&CT YAML files.☆104Updated 2 weeks ago
- A curated list of KAPE-related resources☆156Updated 6 months ago