travisbgreen / hunting-rulesLinks
Suricata rules for network anomaly detection
☆164Updated last month
Alternatives and similar repositories for hunting-rules
Users that are interested in hunting-rules are comparing it to the libraries listed below
Sorting:
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 3 years ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆110Updated last year
- Suricata rules for the new critical vulnerabilities☆82Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated 2 weeks ago
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- PCAP Samples for Different Post Exploitation Techniques☆360Updated 4 years ago
- Suricata Verification Tests - Testing Suricata Output☆108Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆92Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆151Updated 2 months ago
- Zeek-Formatted Threat Intelligence Feeds☆365Updated this week
- Open source endpoint agent providing host information to Zeek. [v2]☆81Updated this week
- Sigma rules from Joe Security☆214Updated 6 months ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆188Updated 4 years ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆479Updated last week
- Anything Sysmon related from the MSTIC R&D team☆153Updated 11 months ago
- simple YARA-based IOC scanner☆169Updated 3 months ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated 2 years ago
- ☆130Updated last year
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆86Updated 2 years ago
- Active C2 IoCs☆99Updated 2 years ago
- ☆125Updated last year
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆261Updated 2 years ago
- Signature engine for all your logs☆170Updated last year
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated 2 months ago
- Threat Hunting queries for various attacks☆236Updated this week
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Collection of Suricata rule sets that I use modified to my environments.☆39Updated 4 years ago
- A curated list of awesome things related to TheHive & Cortex☆179Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- Collection of various open-source an commercial rulesets for NIDS (especially for Suricata and Snort)☆26Updated last year