
0xtf / nsm-attack

Licence: other
Mapping NSM rules to MITRE ATT&CK

Projects that are alternatives of or similar to nsm-attack

S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (+32.08%)
Mutual labels:  suricata, mitre-attack, suricata-rules
Misp Maltego
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Stars: ✭ 112 (+111.32%)
Mutual labels:  threat-intelligence, mitre-attack
Security Onion
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Stars: ✭ 2,956 (+5477.36%)
Mutual labels:  network-security-monitoring, nsm
Elemental
Elemental - An ATT&CK Threat Library
Stars: ✭ 241 (+354.72%)
Mutual labels:  threat-intelligence, mitre-attack
connectors
OpenCTI connectors
Stars: ✭ 135 (+154.72%)
Mutual labels:  threat-intelligence, mitre-attack
threat-intel
Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (+145.28%)
Mutual labels:  threat-intelligence, suricata-rules
cycat-service
CyCAT.org API back-end server including crawlers
Stars: ✭ 25 (-52.83%)
Mutual labels:  threat-intelligence, mitre-attack
attckr
⚔️MITRE ATT&CK Machinations in R
Stars: ✭ 22 (-58.49%)
Mutual labels:  threat-intelligence, mitre-attack
testmynids.org
A website and framework for testing NIDS detection
Stars: ✭ 55 (+3.77%)
Mutual labels:  suricata, network-security-monitoring
docker-suricata
A Suricata Docker image.
Stars: ✭ 120 (+126.42%)
Mutual labels:  suricata, nsm
altprobe
collector for XDR and security posture service
Stars: ✭ 62 (+16.98%)
Mutual labels:  suricata
IronNetTR
Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (-32.08%)
Mutual labels:  threat-intelligence
pyc2bytecode
A Python bytecode disassembler that helps reverse engineers dissect Python binaries by disassembling and analyzing compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
Stars: ✭ 70 (+32.08%)
Mutual labels:  threat-intelligence
gonids
gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
Stars: ✭ 140 (+164.15%)
Mutual labels:  suricata
YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-58.49%)
Mutual labels:  threat-intelligence
examples
Network Service Mesh examples repo
Stars: ✭ 14 (-73.58%)
Mutual labels:  nsm
misp-takedown
A curses-style interface for automatic takedown notification based on MISP events.
Stars: ✭ 19 (-64.15%)
Mutual labels:  threat-intelligence
TheBriarPatch
An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (-60.38%)
Mutual labels:  suricata
pybinaryedge
Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-69.81%)
Mutual labels:  threat-intelligence
rstthreats
Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.
Stars: ✭ 17 (-67.92%)
Mutual labels:  threat-intelligence

Mapping NSM rules to MITRE ATT&CK Techniques

About

The idea behind this project is to categorize and develop, where feasible, Suricata (and general NSM) rules by mapping them against the MITRE ATT&CK framework.

How does it work?

Each technique has its own folder. Inside that folder, one of two things will be present:

  • We will link to existing rules from known rulesets if a rule already exists
  • We will share the rule in the format used by Suricata
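One way to turn this per-technique folder layout into an ATT&CK Navigator layer, so coverage can be browsed the same way the project's Navigator link is meant to be. This is an added example, not code from the nsm-attack project; the folder naming by technique ID, the *.rules/*.txt file names and the layer version string are assumptions, while the layer fields (name, versions, domain, techniques with techniqueID/score/comment/enabled) follow the Navigator's layer format.

```python
import json
import re
import tempfile
from pathlib import Path

# Assumed layout (the page only says "each technique has its own folder"): one directory
# per technique named by its ATT&CK ID (T1190, T1059.001), holding *.rules files with
# Suricata rules and/or *.txt files listing links to rules in existing rulesets.
TECHNIQUE_DIR = re.compile(r"^T\d{4}(\.\d{3})?$")
RULE_LINE = re.compile(r"^\s*(alert|drop|reject|pass)\s+\S+", re.I)  # rule starts with an action


def count_rules(path: Path) -> int:
    """Count Suricata rule lines in a *.rules file; comments and blank lines are skipped."""
    return sum(1 for line in path.read_text().splitlines() if RULE_LINE.match(line))


def build_layer(root: Path, name: str = "nsm-attack coverage") -> dict:
    """Walk technique folders and build an ATT&CK Navigator layer (layer format 4.x, assumed).

    score = local rules + linked rules, so Navigator shades each technique by coverage."""
    techniques = []
    for entry in sorted(root.iterdir()):
        if not (entry.is_dir() and TECHNIQUE_DIR.match(entry.name)):
            continue  # README, LICENSE and other non-technique entries are ignored
        rules = sum(count_rules(f) for f in entry.glob("*.rules"))
        links = sum(1 for f in entry.glob("*.txt")
                    for line in f.read_text().splitlines() if line.strip())
        techniques.append({"techniqueID": entry.name, "score": rules + links, "enabled": True,
                           "comment": f"{rules} local rule(s), {links} linked rule(s)"})
    return {"name": name, "versions": {"layer": "4.4"},
            "domain": "enterprise-attack", "techniques": techniques}


def demo_layer() -> dict:
    """Create a small constructed repository tree in a temp dir and return its layer."""
    root = Path(tempfile.mkdtemp())
    (root / "T1190").mkdir()
    (root / "T1190" / "local.rules").write_text(
        'alert http any any -> $HOME_NET any (msg:"constructed sample"; sid:9000001; rev:1;)\n'
        "# a comment line is not a rule\n")
    (root / "T1059.001").mkdir()
    (root / "T1059.001" / "links.txt").write_text("https://example.invalid/rules#sid-1\n\n")
    (root / "README.md").write_text("not a technique folder\n")
    return build_layer(root)


if __name__ == "__main__":
    print(json.dumps(demo_layer(), indent=2))
```

Loading the printed JSON into the Navigator highlights every technique that has at least one local or linked rule, and the comment on each cell says which kind.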

The following rulesets are currently considered by this project:

Have something to share?

Feel free to reach out to me via Twitter (@0xtf) if you have some rules you'd like to share or comments/questions/tips.

MITRE ATT&CK Navigator

Browse supported techniques using this URL.

Sponsorship

If you're interested in working on this project, 3CORESec has a sponsorship program that allows you to get paid for your contributions to open source projects.

Get in touch for more information!
