Alternatives and similar repositories for Snort-Rules

Users that are interested in Snort-Rules are comparing it to the libraries listed below

• thongsia / Public-Pcaps
  ☆68Updated 7 years ago
• stratosphereips / zeek_anomaly_detector
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆82Updated 5 months ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆92Updated 8 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆90Updated last month
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆181Updated last month
• elcabezzonn / Pcaps
  ☆54Updated 2 years ago
• DynamiteAI / dynamite-nsm
  DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…
  ☆172Updated 2 years ago
• FrankHassanabad / suricata-sample-data
  Repository of creating different example suricata data sets
  ☆36Updated 7 years ago
• quadrantsec / sagan
  Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…
  ☆189Updated 3 months ago
• corelight / threat-hunting-guide
  ☆56Updated 3 years ago
• OpenCTI-Platform / client-python
  OpenCTI Python Client
  ☆143Updated 2 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆38Updated 3 years ago
• cocaman / malware-bazaar
  Python scripts for Malware Bazaar
  ☆157Updated last year
• StamusNetworks / suricata-4-analysts
  The Security Analyst’s Guide to Suricata
  ☆61Updated 8 months ago
• wrayjustin / yaids
  YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (…
  ☆26Updated 3 years ago
• The-Shadowserver-Foundation / api_utils
  Sample programs to access the API
  ☆99Updated last month
• neu5ron / TMInfosec
  Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.
  ☆70Updated 2 months ago
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆33Updated last year
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆73Updated 5 years ago
• idaholab / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆449Updated this week
• chrisjd20 / Snorpy
  Snorpy is a python script the gives a Gui interface to help those new to snort create rules.
  ☆64Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆40Updated 3 years ago
• pan-unit42 / Wireshark-quizzes
  Packet captures of malicious traffic for analysis using Wireshark
  ☆64Updated 2 years ago
• fhightower / ioc-finder
  Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…
  ☆178Updated 2 years ago
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆45Updated 7 years ago
• CERT-Polska / n6
  Automated handling of data feeds for security teams
  ☆146Updated 3 weeks ago
• sandflysecurity / sandfly-entropyscan
  Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives …
  ☆167Updated last year
• CriticalPathSecurity / Zeek-Intelligence-Feeds
  Zeek-Formatted Threat Intelligence Feeds
  ☆382Updated this week
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Updated 3 years ago
• OpenSecureCo / Demos
  Repo Filled With Follow Along Guides
  ☆80Updated 3 years ago