satta / awesome-suricata
A curated list of awesome things related to Suricata
☆166, updated last month
Alternatives and similar repositories for awesome-suricata:
Users that are interested in awesome-suricata are comparing it to the libraries listed below
- Suricata rules for network anomaly detection (☆160, updated last week)
- Zeek-Formatted Threat Intelligence Feeds (☆359, updated this week)
- Open source endpoint agent providing host information to Zeek. [v2] (☆80, updated this week)
- The Sigma command line interface based on pySigma (☆151, updated last week)
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… (☆283, updated this week)
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… (☆402, updated 3 weeks ago)
- Rules generated from our investigations. (☆194, updated last month)
- Sigma rule specification (☆132, updated last month)
- Indicators of Compromise (☆192, updated this week)
- Standard-Format Threat Intelligence Feeds (☆112, updated this week)
- Automated YARA Rule Standardization and Quality Assurance Tool (☆210, updated this week)
- SIEM Tactics, Techniques, and Procedures (☆623, updated this week)
- A Ruleset to enhance detection capabilities of Ossec using Sysmon (☆92, updated 3 years ago)
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … (☆126, updated 9 months ago)
- Collection of Jupyter Notebooks by @fr0gger_ (☆162, updated last month)
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… (☆350, updated last week)
- The Security Analyst’s Guide to Suricata (☆55, updated 10 months ago)
- Awesome list of keywords and artifacts for Threat Hunting sessions (☆563, updated last month)
- An awesome list of resources on deception-based security with honeypots and honeytokens (☆172, updated 4 months ago)
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques (☆357, updated 3 months ago)
- STIX data representing MITRE ATT&CK (☆395, updated this week)
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. (☆169, updated this week)
- Resources To Learn And Understand SIGMA Rules (☆174, updated 2 years ago)
- OpenCTI Docker deployment helpers (☆182, updated this week)
- A production ready Dockered MISP (☆227, updated last week)
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine) (☆446, updated this week)
- A curated list of Awesome Threat Intelligence blogs (☆60, updated last year)
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. (☆150, updated 2 months ago)
- A curated list of awesome things related to TheHive & Cortex (☆178, updated 3 years ago)
- Docker image for MISP (☆125, updated last month)