snort
There are 141 repositories under the snort topic.
deepfence/PacketStreamer
:star: :star: Distributed tcpdump for cloud native environments :star: :star:
shirkdog/pulledpork
Pulled Pork for Snort and Suricata rule management (from Google code)
mrash/psad
psad: Intrusion Detection and Log Analysis with iptables
EgeBalci/deoptimizer
Evasion by machine code de-optimization.
jasonish/py-idstools
idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
3CORESec/testmynids.org
A website and framework for testing NIDS detection
ditekshen/detection
Detection in the form of Yara, Snort and ClamAV signatures.
mandiant/thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
mandiant/heyserial
Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
Cisco-Talos/snort-faq
Snort FAQ
gui66497/dockerfiles
My own collection of commonly used Dockerfiles
robcowart/synesis_lite_snort
Snort IDS/IPS log analytics using the Elastic Stack.
0xtf/testmynids.org
A website and framework for testing NIDS detection
pfelk/docker
Deploy pfelk with docker-compose
Truvis/Suricata_Threat-Hunting-Rules
Collection of Suricata rule sets that I use modified to my environments.
Netgate/TNSR_IDS
IDS using a port mirror, Snort and an alert -> RESTCONF utility
thereisnotime/Snort-Rules
Collection of Snort 2/3 rules.
faucetsdn/network-tools
Network Tools
bhdresh/SnortRules
This is an open source Snort rules repository
sous-chefs/snort
Development repository for the snort cookbook
pfelk/ansible
Ansible playbook automation for pfelk
WhiteHatCyberus/SNORT-GUI
SNORT GUI: Your very own trusted blueteam forensic companion for SNORT IDS.
ClamOne/ClamOne
Open Source Linux Frontend to the ClamAV Antivirus Engine
felixe/idsEventGenerator
aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules
geekscrapy/docker-snort
Snort + Pulledpork + Websnort in Docker!
dthongvl/ids-machine-learning
IDS based on Machine Learning techniques
shirkdog/pulledpork3
Pulled Pork for Snort3 rule management
CYB3RMX/BadPig
A compilation of snort rules for detecting malware traffic.
NathanGibbs3/BASE
The continuation of BASE (Basic Analysis and Security Engine), by @secureideas, et al. A web app to query and analyze alerts coming from a SNORT IDS.
bspwnmaster/Raspberry-Pi-Snort.conf-and-Alerting-Engine
Home router IDS solution with a Raspberry Pi 3. Dynamically resolves device name, manufacturer, and alerts user of Snort analytics through email or text. Currently handles around 15,000 rules.
chrislee35/snort-rule
parses and generates Snort rules similar to PERL's Snort::Rule
redBorder/barnyard2
Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.
hrbrmstr/porc
:boar: Tools to Work with 'Snort' Rules, Logs and Data
redBorder/daq
Snort/Suricata DAQ module with DPDK patch
shrunbr/graylog_pfsense_barnyard2
A method for parsing Snort Barnyard2 logs from pfSense in Graylog