Alternatives and similar repositories for suricata-rule

Users that are interested in suricata-rule are comparing it to the libraries listed below

• n4ll3ec / ThreatHound
  ThreatHound is a threat intelligence query tool use for detecting potentially malicious IP or domains. It combines the MISP open source t…
  ☆39Updated 5 years ago
• tianyulab / Hunting_lateral_movement
  《横向移动攻击与检测技术》专栏文章
  ☆17Updated 5 years ago
• tianyulab / Threat_Hunting_with_ELK
  天御攻防实验室 - 威胁猎杀实战系列
  ☆102Updated 5 years ago
• md-irohas / tcppc-go
  tcppc: A simple honeypot to capture TCP/TLS/UDP payloads on ALL ports.
  ☆35Updated 4 years ago
• baidu-security / webshell-scanner-client
  A golang client of our webshell scanner API
  ☆28Updated 7 years ago
• Green-m / dark-shell
  Shell say no to NIDS
  ☆71Updated 5 years ago
• LennyLeng / SOC_Sankey_Generator
  ☆57Updated 4 years ago
• jvdroit / Suricata-rules
  ☆9Updated 8 years ago
• nixawk / nmap_vscan
  nmap service and application version detection (without nmap installation)
  ☆114Updated 7 years ago
• RF-CTI / SANS-summit
  ☆30Updated 2 years ago
• zhanghaoyil / seesaw
  Automatic reversed shell detecting and defensing
  ☆51Updated 6 years ago
• penoxcn / VMware
  ☆21Updated 7 years ago
• JiaHeng-DLUT / Webshell-samples
  webshell and nonwebshell samples，which can be used to train machine learning models to detect webshell
  ☆43Updated 6 years ago
• master3values / Attack-Cloud
  Att&ck Cloud相关
  ☆21Updated 4 years ago
• hi-WenR0 / MLCheckWebshell
  ☆105Updated 7 years ago
• G4rb3n / Script-Ganker
  恶意脚本检测分类工具
  ☆40Updated 4 years ago
• NotSoSecure / icmp_tunnel_ex_filtrate
  Code snippet accompanying blog post
  ☆30Updated 9 years ago
• CSecGroup / wafid
  Wafid identify and fingerprint Web Application Firewall (WAF) products.
  ☆49Updated 6 years ago
• u2400 / libc_hook_demo
  一个HIDS agent端的demo
  ☆17Updated 5 years ago
• MisakiKata / watchfile
  基于inotify的Linux文件实时监控程序，同时调用河马扫描来检测文件
  ☆22Updated 4 years ago
• al0ne / suricata_optimize
  Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置
  ☆141Updated 5 years ago
• PolarisLab / S2-045
  Struts2 S2-045（CVE-2017-5638）Vulnerability environment - http://www.mottoin.com/97954.html
  ☆24Updated 8 years ago
• NewBee119 / check_ip
  check_IP is to judge whether a IP is malicious based on open threat intelligence，基于开源威胁情报AlienVault，排查IP地址及域名的恶意性
  ☆52Updated 6 years ago
• 360netlab / flint
  The python client of passivedns.cn
  ☆97Updated 6 years ago
• cahi1l1yn / aclAuditor
  Audit your acl of network device
  ☆34Updated 4 years ago
• Qianlitp / WatchAD-Web
  A simple web platform for WatchAD
  ☆109Updated 2 years ago
• rabbitmask / WeblogicScanServer
  开启WeblogicScanV3.*系列，采用Server部署，支持远程Weblogic漏洞扫描
  ☆55Updated 4 years ago
• netxfly / docker-remote-api-exp
  docker remote api未授权访问的利用代码
  ☆50Updated 8 years ago
• iiilin / inbtscan
  Python nbtstat + smb_version without third party packages
  ☆30Updated 4 years ago
• hardenedlinux / hardenedlinux-zeek-scripts
  ☆38Updated last year