satta / awesome-suricataLinks
A curated list of awesome things related to Suricata
☆187Updated 5 months ago
Alternatives and similar repositories for awesome-suricata
Users that are interested in awesome-suricata are comparing it to the libraries listed below
Sorting:
- Standard-Format Threat Intelligence Feeds☆122Updated this week
- Suricata rules for network anomaly detection☆167Updated 4 months ago
- OpenCTI Docker deployment helpers☆200Updated this week
- Indicators of Compromise☆217Updated last week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆429Updated 3 weeks ago
- Open source endpoint agent providing host information to Zeek. [v2]☆85Updated 2 weeks ago
- Zeek-Formatted Threat Intelligence Feeds☆375Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆94Updated 3 years ago
- SIEM Tactics, Techiques, and Procedures☆659Updated last month
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆377Updated this week
- Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…☆186Updated last week
- ☆34Updated this week
- Threat Hunting queries for various attacks☆239Updated this week
- This project is a SIEM with SIRP and Threat Intel, all in one.☆460Updated 9 months ago
- Import CrowdStrike Threat Intelligence into your instance of MISP☆48Updated 2 months ago
- The Security Analyst’s Guide to Suricata☆58Updated 4 months ago
- The Sigma command line interface based on pySigma☆158Updated this week
- A curated list of Awesome Threat Intelligence blogs☆72Updated 2 years ago
- OpenCTI Connectors☆469Updated this week
- An awesome list of resources on deception-based security with honeypots and honeytokens☆175Updated 8 months ago
- A production ready Dockered MISP☆272Updated this week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆156Updated 6 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆373Updated this week
- Docker configurations for TheHive, Cortex and 3rd party tools☆126Updated 2 years ago
- ☆36Updated last month
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆194Updated this week
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆128Updated last year
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆512Updated 3 months ago
- A curated list of Awesome Threat Intelligence Blogs☆440Updated last month
- ☆57Updated this week