Suricata Rules
This repository contains a large collection of rules for the Suricata intrusion detection system (IDS). Suricata is an open-source network IDS that can detect a wide range of threats, including malware, exploits, and other malicious activity. Our rules are designed to be highly effective at detecting web application attack especially detecting latest CVEs.
This repository is heavily influenced by
nuclei-templatesrepository by ProjectDiscovery
Usage
main.py will merge all rules into one file
python3 main.py --path=/path/to/rulesSuricata Rules Statistics
| Rules | Count |
|---|---|
| linux-structures.rules | 16 |
| CNVD-2021.rules | 10 |
| CVE-2008.rules | 9 |
| CVE-2013.rules | 8 |
| sql-injection.rules | 6 |
| CNVD-2020.rules | 5 |
| miscellaneous.rules | 4 |
| CVE-2007.rules | 4 |
| CVE-2020.rules | 4 |
| CVE-2002.rules | 4 |
To-Do
- Add more cvnd rules
- Add more cves rules
- Add more default-logins rules
- Add more miscellaneous rules
- Add more vulnerabilities rules
- Add more
Malwarerules - Add
URL Reference - Add more web application attack rules (e.g.
SQL Injection,XSS, etc)
Contributors
You can contribute to this repository by adding new rules or you can update the existing rules