travisbgreen / hunting-rulesLinks
Suricata rules for network anomaly detection
☆167Updated 3 months ago
Alternatives and similar repositories for hunting-rules
Users that are interested in hunting-rules are comparing it to the libraries listed below
Sorting:
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆155Updated 4 months ago
- Suricata Verification Tests - Testing Suricata Output☆112Updated 2 weeks ago
- PCAP Samples for Different Post Exploitation Techniques☆363Updated 4 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆104Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆94Updated 3 years ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆111Updated last year
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆78Updated last month
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- Sigma rules from Joe Security☆217Updated 8 months ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆483Updated 2 weeks ago
- Open source endpoint agent providing host information to Zeek. [v2]☆85Updated 3 weeks ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆139Updated 4 years ago
- Snorpy is a python script the gives a Gui interface to help those new to snort create rules.☆63Updated 11 months ago
- Zeek-Formatted Threat Intelligence Feeds☆374Updated this week
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- simple YARA-based IOC scanner☆169Updated this week
- The tool for updating your Suricata rules.☆277Updated 2 weeks ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- Threat Hunting queries for various attacks☆238Updated this week
- zeek-scripts☆44Updated 6 years ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆83Updated 3 months ago
- Live forensic artifacts collector☆168Updated last year
- Log Entry to Sigma Rule Converter☆108Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆153Updated 4 months ago
- ☆49Updated last year
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 5 years ago
- ☆126Updated last year
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆93Updated last month
- The Security Analyst’s Guide to Suricata☆57Updated 3 months ago