suricata

There are 15 repositories under suricata topic.

OISF / suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
cybersecurity ids intrusion-detection-system intrusion-prevention-system ips network-monitor network-monitoring nsm security suricata threat-hunting
Language:C 4126
deepfence / PacketStreamer
:star: :star: Distributed tcpdump for cloud native environments :star: :star:
soc network-analysis tcpdump-like packet-capture packet-sniffer observability security-tools snort zeek suricata pcap traffic-monitoring infosectools secops forensics-tools hacktoberfest
Language:Go 1852
cisagov / Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
arkime cybersecurity infosec network-security network-traffic-analysis networksecurity networktrafficanalysis opensearch opensearch-dashboards pcap security suricata zeek
Language:Python 1766
StamusNetworks / SELKS
A Suricata based IDS/IPS/NSM distro
distribution gui ids ips linux management monitoring network network-intrusion-detection network-security security security-monitoring suricata threat-hunting user-interface
Language:Shell 1183
al0ne / suricata-rules
Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
ids security signatures suricata suricata-rule
1060
tenzir
tenzir / tenzir
Open source security data pipelines.
dataops incident-response investigation netflow pcap pipelines secdataops security siem sigma soc suricata threathunting zeek
Language:C++ 619
StamusNetworks / scirius
Scirius is a web application for Suricata ruleset management and threat hunting.
cybersecurity detection gui interface management network-intrusion-detection network-security python security signatures suricata suricata-rules threat-hunting user-interface
Language:Python 596
iqiyi / qnsm
QNSM is network security monitoring framework based on DPDK.
dpdk security suricata anti-ddos network-analysis network-security kernel-bypass
Language:C 514
shirkdog / pulledpork
Pulled Pork for Snort and Suricata rule management (from Google code)
snort suricata ruleset perl
Language:Perl 415
jasonish / evebox
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
security netsec suricata ids ips nsm
Language:Rust 404
V1D1AN / S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
kibana elasticsearch logstash filebeat suricata zeek opencti misp malware sigma thehive docker cortex arkime mwdb n8n zircolite yara velociraptor
Language:Shell 391
al0ne / Nmap_Bypass_IDS
Nmap&Zmap特征识别，绕过IDS探测
bypass nmap suricata zmap
323
Malcolm
idaholab / Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
arkime cybersecurity infosec network-security network-traffic-analysis networksecurity networktrafficanalysis opensearch opensearch-dashboards pcap security suricata zeek
Language:Python 315
jasonish / py-idstools
idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
ids intrusion-detection snort suricata unified2
Language:Python 269
OISF / suricata-update
The tool for updating your Suricata rules.
ids ips network-monitoring nsm security suricata
Language:Python 238
synesis_lite_suricata
robcowart / synesis_lite_suricata
Suricata IDS/IPS log analytics using the Elastic Stack.
suricata elasticsearch logstash kibana filebeat log-analytics elk
Language:Shell 229
jasonish / docker-suricata
A Suricata Docker image.
container docker ids nsm podman suricata
Language:Shell 225
g3tsyst3m / BriarIDS
An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.
raspberry-pi suricata raspbian monitor bro intrusion-detection raspberrypi securityonion internetofthings iot
Language:Python 211
advanced-threat-research / CVE-2020-16898
CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
cve-2020-16898 suricata suricata-rule lua icmpv6 bad-neighbor rce cve buffer-overflow mcafee atr microsoft windows-10 tcpip-stack buffer-overflow-vulnerability neighbor-discovery neighbor-discovery-protocol badneighbor
Language:Lua 207
google / gonids
gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
ids network network-security parse security-tools suricata
Language:Go 175
testmynids.org
3CORESec / testmynids.org
A website and framework for testing NIDS detection
networksecurity nids snort snort-rules suricata suricata-rules
Language:Shell 169
DynamiteAI / dynamite-nsm
DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
network-traffic network-analysis zeek suricata netflow ipfix elasticsearch logstash kibana python python3 dashboards agents dynamite-nsm
Language:Python 164
Nirusu / how-to-setup-a-honeypot
How to setup a honeypot with an IDS, ELK and TLS traffic inspection
elk honeypot proxmox suricata tls virtualization polarproxy
145
travisbgreen / hunting-rules
Suricata rules for network anomaly detection
suricata-rule suricata ids nsm threat-hunting cybersecurity anomaly-detection cyber-threat-intelligence network-security network-monitoring lateral-movement threat-intelligence
144
al0ne / suricata_optimize
Suricata安装部署&丢包优化&性能调优&规则调整&Pfring设置
intel ixgbe pfring suricata
132
alphasoc / nfr
A lightweight tool to score network traffic and flag anomalies
security monitoring intrusion-detection malware-analysis bro-ids suricata
Language:Go 123
satta / awesome-suricata
A curated list of awesome things related to Suricata
awesome awesome-list ids ips lists nsm suricata
108
bgenev / impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
cybersecurity devops security-tools visibility vpc vpc-endpoints vps osquery server-security suricata cloud monitoring security siem xdr
Language:Python 106
ccdcoe / CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
moloch suricata monitoring nsm network-monitoring packet-capture-and-analysis arkime classroom observability packet-capture security-monitoring training
Language:Jupyter Notebook 96
DPDK_SURICATA-4_1_1
vipinpv85 / DPDK_SURICATA-4_1_1
dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter
dpdk suricata acl offloading
Language:C 87
3CORESec / S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
sigma threat-hunting threat-modeling mitre-attack sigma-rules suricata suricata-rules
Language:C# 83
brimdata / brimcap
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
brim-desktop pcap suricata zeek
Language:Go 70
0xtf / nsm-attack
Mapping NSM rules to MITRE ATT&CK
mitre-attack network-security-monitoring nsm suricata suricata-rules threat-intelligence
69
kryptoslogic / rdppot
RDP honeypot
honeypot suricata
Language:Python 61
vipinpv85 / DPDK-Suricata_3.0
add dpdk interface and packet processing to suricata in worker mode
dpdk worker-mode suricata ips
Language:C 61
testmynids.org
0xtf / testmynids.org
A website and framework for testing NIDS detection
network-security network-monitoring suricata network-security-monitoring snort emergingthreats nids
Language:Shell 57