eewids: Easily Expandable Wireless Intrusion Detection System
Stars: ✭ 25 (-50.98%)
UTMFW: UTM Firewall on OpenBSD
Stars: ✭ 104 (+103.92%)
Uuid Random: Fastest UUID with cryptographic PRNG for JS
Stars: ✭ 87 (+70.59%)
Wazuh Docker: Wazuh - Docker containers
Stars: ✭ 213 (+317.65%)
vim-syntax-yara: A Vim syntax-highlighting file for YARA rules
Stars: ✭ 26 (-49.02%)
Threatbus: 🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (+172.55%)
wazuh-packages: Wazuh - Tools for packages creation
Stars: ✭ 54 (+5.88%)
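whohk: whohk, a powerful incident response tool for Linux. Incident response on Linux often means checking each point of interest through tedious command lines, sometimes with extra output formatting, which is unfriendly to people who are not very familiar with Linux commands. This tool gathers the operations commonly used in Linux incident response, presents their output in a friendlier format, and lets a single parameter replace tedious, complex commands to check each point.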
Stars: ✭ 260 (+409.8%)
Wazuh Chef: Wazuh - Chef cookbooks
Stars: ✭ 9 (-82.35%)
Shortid: Super short, fully unique, non-sequential and URL friendly Ids
Stars: ✭ 657 (+1188.24%)
Sagan: ** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
Stars: ✭ 236 (+362.75%)
shortid: Super short, fully unique, non-sequential and URL-friendly Ids
Stars: ✭ 20 (-60.78%)
Py Idstools: idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
Stars: ✭ 205 (+301.96%)
yara-forensics: Set of Yara rules for finding files using magics headers
Stars: ✭ 115 (+125.49%)
Suricata: Suricata git repository maintained by the OISF
Stars: ✭ 2,274 (+4358.82%)
firewall-controller: A kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics
Stars: ✭ 37 (-27.45%)
Docker Bro: Bro IDS Dockerfile
Stars: ✭ 126 (+147.06%)
youtube-playlist: ❄️ Extract links, ids, and names from a youtube playlist
Stars: ✭ 73 (+43.14%)
Jxnet: Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (-49.02%)
Fail2ban: Daemon to ban hosts that cause multiple authentication errors
Stars: ✭ 6,677 (+12992.16%)
yara-parser: Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Stars: ✭ 69 (+35.29%)
PEiD: Yet another implementation of PEiD with yara
Stars: ✭ 12 (-76.47%)
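Suricata Rules: Suricata IDS rules for detecting red-team penetration and malicious behavior, with support for detecting CobaltStrike/MSF/Empire/DNS tunnels/Weevely/China Chopper/Behinder/cryptomining/reverse shells/ICMP tunnels, etc.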
Stars: ✭ 397 (+678.43%)
Sigma: Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+8562.75%)
Pf ring: High-speed packet processing framework
Stars: ✭ 2,102 (+4021.57%)
S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+429.41%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-47.06%)
Pi.alert: WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices
Stars: ✭ 209 (+309.8%)
hashids.pm: Hashids, ported for Perl
Stars: ✭ 15 (-70.59%)
Whids: Open Source EDR for Windows
Stars: ✭ 188 (+268.63%)
Wazuh: Wazuh - The Open Source Security Platform
Stars: ✭ 3,154 (+6084.31%)
threat-intel: Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (+154.9%)
Suricata Update: The tool for updating your Suricata rules.
Stars: ✭ 143 (+180.39%)
ML-IDS: An IDS implementation using machine learning
Stars: ✭ 30 (-41.18%)
Snort Rules: An UNOFFICIAL Git Repository of Snort Rules (IDS rules) Releases.
Stars: ✭ 135 (+164.71%)
uzen: Website crawler with YARA detection
Stars: ✭ 84 (+64.71%)
Particle: 64 bit ID Generator
Stars: ✭ 125 (+145.1%)
r2yara: r2yara - Module for Yara using radare2 information
Stars: ✭ 30 (-41.18%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+2347.06%)
prickly-pete: A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)
Stars: ✭ 29 (-43.14%)
Optimus: 🤖 Id obfuscation based on Knuth's multiplicative hashing method for PHP.
Stars: ✭ 1,084 (+2025.49%)
ansible-zeek: setup zeek, previously Bro IDS
Stars: ✭ 14 (-72.55%)
Ossa: Open-Source Security Architecture
Stars: ✭ 796 (+1460.78%)
yara-exporter: Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-56.86%)
Selks: A Suricata based IDS/IPS distro
Stars: ✭ 707 (+1286.27%)
TNSR IDS: IDS using a port mirror, Snort and an alert -> RESTCONF utility
Stars: ✭ 30 (-41.18%)
Hashids: A small PHP library to generate YouTube-like ids from numbers. Use it when you don't want to expose your database ids to the user.
Stars: ✭ 4,596 (+8911.76%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+29.41%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+494.12%)
pyarascanner: A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Stars: ✭ 23 (-54.9%)
Scanr: Detect x86 shellcode in files and traffic.
Stars: ✭ 16 (-68.63%)
testmynids.org: A website and framework for testing NIDS detection
Stars: ✭ 55 (+7.84%)
ImHex-Patterns: Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor
Stars: ✭ 192 (+276.47%)