Alternatives and similar repositories for Snort-Rules

Users that are interested in Snort-Rules are comparing it to the libraries listed below

• thongsia / Public-Pcaps
  ☆64Updated 7 years ago
• stratosphereips / zeek_anomaly_detector
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆82Updated 4 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆90Updated 2 weeks ago
• mmguero-dev / Malcolm-PCAP
  This repository has been archived in favor of https://github.com/idaholab/Malcolm-Test-Artifacts
  ☆37Updated last year
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆177Updated 2 weeks ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆38Updated 3 years ago
• pan-unit42 / Wireshark-quizzes
  Packet captures of malicious traffic for analysis using Wireshark
  ☆63Updated 2 years ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆92Updated 7 months ago
• cocaman / malware-bazaar
  Python scripts for Malware Bazaar
  ☆157Updated last year
• corelight / threat-hunting-guide
  ☆55Updated 3 years ago
• P3t3rp4rk3r / Threat_Intelligence
  Threat-Intelligence Feeds & Tools & Frameworks
  ☆222Updated last year
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Updated 3 years ago
• CriticalPathSecurity / Zeek-Intelligence-Feeds
  Zeek-Formatted Threat Intelligence Feeds
  ☆381Updated this week
• vuldb / cyber_threat_intelligence
  Cyber Threat Intelligence Data, Indicators, and Analysis
  ☆103Updated 3 weeks ago
• The-Shadowserver-Foundation / api_utils
  Sample programs to access the API
  ☆95Updated last week
• quadrantsec / sagan
  Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…
  ☆190Updated 2 months ago
• Security-Onion-Solutions / securityonion-soc
  ☆60Updated this week
• pan-unit42 / wireshark-workshop
  pcaps of traffic for traffic analysis workshop
  ☆90Updated 4 years ago
• elcabezzonn / Pcaps
  ☆54Updated last year
• shadawck / awesome-endpoint-detection-and-response
  Collection of tool you need to have in your Endpoint Detection and Response arsenal
  ☆110Updated last year
• OpenCTI-Platform / docker
  OpenCTI Docker deployment helpers
  ☆214Updated this week
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆70Updated 4 years ago
• tolgadevsec / Awesome-Deception
  An awesome list of resources on deception-based security with honeypots and honeytokens
  ☆178Updated 11 months ago
• m-chrome / py-suricataparser
  Pure python parser for Snort/Suricata rules.
  ☆33Updated last year
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆100Updated 3 months ago
• hgascon / security-datasets
  A collection of resources for security data
  ☆41Updated 8 years ago
• traut / stixview
  STIX2 graph visualisation library in JS
  ☆94Updated 3 weeks ago
• StamusNetworks / suricata-4-analysts
  The Security Analyst’s Guide to Suricata
  ☆60Updated 7 months ago
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆94Updated 3 years ago
• arvindpj007 / Suricata-Detect-DoS-Attack
  Configuring the Suricata IDS to detect DoS attacks by adding custom rule file.
  ☆41Updated 5 years ago