snort

There are 8 repositories under snort topic.

• deepfence / PacketStreamer

  :star: :star: Distributed tcpdump for cloud native environments :star: :star:

  socnetwork-analysistcpdump-likepacket-capturepacket-snifferobservabilitysecurity-toolssnortzeeksuricatapcaptraffic-monitoringinfosectoolssecopsforensics-toolshacktoberfest
  Language:Go 1854

• shirkdog / pulledpork

  Pulled Pork for Snort and Suricata rule management (from Google code)

  perlrulesetsnortsuricata
  Language:Perl 415

• mrash / psad

  psad: Intrusion Detection and Log Analysis with iptables

  intrusion-detectioniptableslog-analysissnortmirai-botiptables-logsfirewall
  Language:Perl 377

• jasonish / py-idstools

  idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

  idsintrusion-detectionsnortsuricataunified2
  Language:Python 268

• ditekshen / detection

  Detection in the form of Yara, Snort and ClamAV signatures.

  clamavdetectioniocrulessignaturessnortyara
  Language:YARA 184
• testmynids.org

  3CORESec / testmynids.org

  A website and framework for testing NIDS detection

  suricatasuricata-rulesnidsnetworksecuritysnortsnort-rules
  Language:Shell 162

• mandiant / thiri-notebook

  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.

  detection-rulessnortthreat-huntingyara
  Language:Python 149

• mandiant / heyserial

  Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types

  deserializationyarasnortsnort-rules-generateyara-rule-generatorysoserial
  Language:YARA 133

• Cisco-Talos / snort-faq

  Snort FAQ

  ciscosnortsnort-documentationwiki
  116

• gui66497 / dockerfiles

  自己收藏的常用dockerfile

  dockernessussnort
  Language:Dockerfile 85

• robcowart / synesis_lite_snort

  Snort IDS/IPS log analytics using the Elastic Stack.

  elasticsearchelkkibanalog-analyticslogstashsnort
  Language:Shell 81
• testmynids.org

  0xtf / testmynids.org

  A website and framework for testing NIDS detection

  emergingthreatsnetwork-monitoringnetwork-securitynetwork-security-monitoringnidssnortsuricata
  Language:Shell 56

• pfelk / docker

  Deploy pfelk with docker-compose

  pfelkelasticsearchpfsensesuricatasnortdocker-composedockerdocker-pfelkmaxmind
  Language:Shell 56

• Netgate / TNSR_IDS

  IDS using a port mirror, Snort and an alert -> RESTCONF utility

  snortidsvpp
  Language:Go 36

• Truvis / Suricata_Threat-Hunting-Rules

  Collection of Suricata rule sets that I use modified to my environments.

  suricatasuricata-rulessuricata-rulesnortsnort-rulessnort-rules-generatesnort3securitythreat-intelligencethreat-huntingthreat-detectionthreat-analysisthreat-responsethreat-monitorthreat-intelthreat-gridnetwork-securitynetwork-monitoringnetwork-analysissecurity-awareness
  36

• bhdresh / SnortRules

  This is an open source Snort rules repository

  snortsignatureruleopen-sourcesnort-rules
  30

• faucetsdn / network-tools

  Network Tools

  p0fdocker-containerplug-insnetwork-tapnetwork-analysisnetwork-monitoringnetwork-securitypcappcap-analyzersnortmercurypmercurytcpdumplibtraceasnouilookupouidocker
  Language:C 30

• sous-chefs / snort

  Development repository for the snort cookbook

  chef-cookbookchef-resourcesnortchefhacktoberfestmanaged-by-terraform
  Language:Ruby 27

• thereisnotime / Snort-Rules

  Collection of Snort 2/3 rules.

  rulesetsnortsnort-rulesintrusion-detection-systemintrusion-prevention-system
  26

• pfelk / ansible

  Ansible playbook automation for pfelk

  ansiblepfelkansible-playbookelasticsearchelk-stackpfsensesuricatamaxmindsnortdashboardselk
  24

• felixe / idsEventGenerator

  aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based IDS (Intrusion Detection Systems) using these rules

  intrusion-detectionsnort
  Language:C++ 21

• ClamOne / ClamOne

  Open Source Linux Frontend to the ClamAV Antivirus Engine

  qt5clamavsnortgui
  Language:C++ 19

• dthongvl / ids-machine-learning

  IDS based on Machine Learning technical

  idskmeans-clusteringsnortlatexnsl-kdd
  Language:C++ 19

• shirkdog / pulledpork3

  Pulled Pork for Snort3 rule management

  pythonrulesetsnortsnort-rules
  Language:Python 19

• WhiteHatCyberus / SNORT-GUI

  SNORT GUI: Your very own trusted blueteam forensic companion for SNORT IDS. OPTIMIZED, SECURE AND ABSOLUTELY FREE!

  computer-scienceconvolutional-neural-networkscybersecurityintrusion-detection-systemintrusion-preventionnetwork-analysisnetwork-securitypcappython3snortwiresharkgui
  Language:Python 17

• CYB3RMX / BadPig

  A compilation of snort rules for detecting malware traffic.

  intrusion-detectionsnortsecuritysnort-rulesnetwork-securitymalware-detection
  15

• geekscrapy / docker-snort

  Snort + Pulledpork + Websnort in Docker!

  dockeridspcappulledporksnortwebsnort
  Language:Dockerfile 15

• bspwnmaster / Raspberry-Pi-Snort.conf-and-Alerting-Engine

  Home router IDS solution with a Raspberry Pi 3. Dynamically resolves device name, manufacturer, and alerts user of Snort analytics through email or text. Currently handles around 15,000 rules.

  alertsbashciscoemailhomehostnameidsipsmanufacturernetworkingnidsraspberry-piraspberry-pi-3raspbianresolverroutersnortssmtpswitchtext
  Language:Shell 13

• chrislee35 / snort-rule

  parses and generates Snort rules similar to PERL's Snort::Rule

  rubysnort
  Language:Ruby 13

• mrlesmithjr / ansible-snort

  ansible-roleansiblesnort
  Language:Shell 13

• NathanGibbs3 / BASE

  The continuation of BASE (Basic Analysis and Security Engine), by @secureideas, et al. A web app to query and analyze alerts coming from a SNORT IDS.

  infosecphpphp5php7snortphp8
  Language:PHP 13

• hrbrmstr / porc

  :boar: Tools to Work with 'Snort' Rules, Logs and Data

  rrstatssnortsnort-rulescybersecuritycyberr-cyber
  Language:R 12

• redBorder / barnyard2

  Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.

  redborderredborder-ngsnort
  Language:C 12

• redBorder / daq

  Snort/Suricata DAQ module with DPDK patch

  redbordersnortredborder-ng
  Language:C 10

• shrunbr / graylog_pfsense_barnyard2

  A method for parsing Snort Barnyard2 logs from pfSense in Graylog

  graylogsnortpfsensejsonelasticsearch
  10

• SRouting / SR-sfc-demo

  Chaining of SR-aware and SR-unaware Service Functions

  srv6linuxnfvsfcsegment-routingsrsnortiptables
  Language:Shell 10