Cve 2020 16898 - CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Py Idstools - idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
Briarids - An All-In-One home intrusion detection system (IDS) solution for the Raspberry Pi.
Nfr - A lightweight tool to score network traffic and flag anomalies
Dynamite Nsm - DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
Selks - A Suricata-based IDS/IPS distro
Scirius - Scirius is a web application for Suricata ruleset management.
Suricata Rules - Suricata IDS rules for detecting red-team intrusions and other malicious behaviour; supports detection of CobaltStrike, MSF, Empire, DNS tunnels, Weevely, Caidao (菜刀), Behinder (冰蝎), cryptomining, reverse shells, ICMP tunnels and more
Pulledpork - Pulled Pork for Snort and Suricata rule management (from Google Code)
Qnsm - QNSM is a network security monitoring framework based on DPDK.
Evebox - Web-based Event Viewer (GUI) for Suricata EVE events in Elasticsearch
gonids - gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
brimcap - Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
vagrant-ids - An Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
altprobe - Collector for XDR and security posture service
TheBriarPatch - An extremely crude, lightweight web frontend for Suricata/Bro to be used with BriarIDS
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
balboa - Server for indexing and querying passive DNS observations
DPDK SURICATA-4 1 1 - DPDK infrastructure for software acceleration. Currently working on RX and ACL pre-filter
ansible - Ansible playbook automation for pfelk
S1EM - This project is a SIEM with SIRP and Threat Intel, all in one.
pcapdj - Dispatch pcap files
fever - Fast, extensible, versatile event router for Suricata's EVE-JSON format