suricata
There are 170 repositories under suricata topic.
OISF/suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
cisagov/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
deepfence/PacketStreamer
:star: :star: Distributed tcpdump for cloud native environments :star: :star:
StamusNetworks/SELKS
A Suricata based IDS/IPS/NSM distro
al0ne/suricata-rules
Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
tenzir/tenzir
Tenzir is the data pipeline engine for security teams.
StamusNetworks/scirius
Scirius is a web application for Suricata ruleset management and threat hunting.
iqiyi/qnsm
QNSM is network security monitoring framework based on DPDK.
jasonish/evebox
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
shirkdog/pulledpork
Pulled Pork for Snort and Suricata rule management (from Google code)
V1D1AN/S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
idaholab/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
al0ne/Nmap_Bypass_IDS
Nmap&Zmap特征识别,绕过IDS探测
EgeBalci/deoptimizer
Evasion by machine code de-optimization.
jasonish/py-idstools
idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
jasonish/docker-suricata
A Suricata Docker image.
OISF/suricata-update
The tool for updating your Suricata rules.
robcowart/synesis_lite_suricata
Suricata IDS/IPS log analytics using the Elastic Stack.
g3tsyst3m/BriarIDS
An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.
advanced-threat-research/CVE-2020-16898
CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
3CORESec/testmynids.org
A website and framework for testing NIDS detection
google/gonids
gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
DynamiteAI/dynamite-nsm
DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
travisbgreen/hunting-rules
Suricata rules for network anomaly detection
Nirusu/how-to-setup-a-honeypot
How to setup a honeypot with an IDS, ELK and TLS traffic inspection
al0ne/suricata_optimize
Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置
satta/awesome-suricata
A curated list of awesome things related to Suricata
alphasoc/nfr
A lightweight tool to score network traffic and flag anomalies
bgenev/impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
ccdcoe/CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
vipinpv85/DPDK_SURICATA-4_1_1
dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter
3CORESec/S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
brimdata/brimcap
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
0xtf/nsm-attack
Mapping NSM rules to MITRE ATT&CK
kryptoslogic/rdppot
RDP honeypot
vipinpv85/DPDK-Suricata_3.0
add dpdk interface and packet processing to suricata in worker mode