secureworks / daltonLinks
Suricata, Snort and Zeek IDS rule and pcap testing system
☆478Updated 2 weeks ago
Alternatives and similar repositories for dalton
Users that are interested in dalton are comparing it to the libraries listed below
Sorting:
- a network packet capture compiler☆199Updated 3 years ago
- The tool for updating your Suricata rules.☆271Updated last month
- Suricata rules for network anomaly detection☆164Updated last month
- Scirius is a web application for Suricata ruleset management and threat hunting.☆651Updated 3 weeks ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆281Updated last year
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆545Updated 2 years ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆352Updated 3 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆437Updated last year
- PCAP Samples for Different Post Exploitation Techniques☆361Updated 4 years ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆458Updated last week
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆564Updated 5 months ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆465Updated 6 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆794Updated 2 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆593Updated 11 months ago
- ☆1,075Updated 6 years ago
- 16,432 Free Yara rules created by☆383Updated 6 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆793Updated 4 years ago
- Suricata Extreme Performance Tuning guide☆209Updated 7 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago
- Elemental - An ATT&CK Threat Library☆317Updated 2 years ago
- Actionable analytics designed to combat threats☆988Updated 3 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆206Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆435Updated 2 years ago
- ☆164Updated 4 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆722Updated 5 years ago
- Utilities for MITRE™ ATT&CK☆1,031Updated last year
- Automatic Yara Rule Generation☆332Updated 9 years ago