secureworks / dalton
Suricata, Snort and Zeek IDS rule and pcap testing system
☆473Updated 2 months ago
Alternatives and similar repositories for dalton:
Users that are interested in dalton are comparing it to the libraries listed below
- a network packet capture compiler☆198Updated 2 years ago
- Scirius is a web application for Suricata ruleset management and threat hunting.☆646Updated 3 months ago
- The tool for updating your Suricata rules.☆266Updated 3 months ago
- idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)☆281Updated last year
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆452Updated last week
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆434Updated last year
- Suricata rules for network anomaly detection☆156Updated 2 weeks ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆787Updated 4 years ago
- ☆1,069Updated 5 years ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆464Updated 6 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆721Updated 5 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆790Updated last year
- PCAP Samples for Different Post Exploitation Techniques☆356Updated 3 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆434Updated 2 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆543Updated last year
- Suricata Extreme Performance Tuning guide☆207Updated 7 years ago
- Public Repository of all Publicly Available Packet Captures that I've used or come across☆173Updated 12 years ago
- Information released publicly by NCC Group's Cyber Incident Response Team☆476Updated 3 years ago
- DPS' Lightweight Investigation Notebook☆427Updated last year
- Defanged Indicator of Compromise (IOC) Extractor.☆524Updated 7 months ago
- The Python SDK for AlienVault OTX☆371Updated 10 months ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆558Updated 2 weeks ago
- Extract and aggregate threat intelligence.☆853Updated last year
- Passive Real-time Asset Detection System☆235Updated 10 months ago
- Suricata IDS/IPS log analytics using the Elastic Stack.☆238Updated 3 years ago
- Zeek IDS Dockerfile☆101Updated 2 years ago
- Security event correlation engine for ELK stack☆436Updated 9 months ago
- Super Next generation Advanced Reactive honEypot☆461Updated 9 months ago
- Elemental - An ATT&CK Threat Library☆318Updated 2 years ago
- 16,432 Free Yara rules created by☆383Updated 5 years ago