gonidsgonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
Stars: ✭ 140 (-64.74%)
Py Idstoolsidstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
Stars: ✭ 205 (-48.36%)
SelksA Suricata based IDS/IPS distro
Stars: ✭ 707 (+78.09%)
TheBriarPatchAn extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Stars: ✭ 21 (-94.71%)
Suricata UpdateThe tool for updating your Suricata rules.
Stars: ✭ 143 (-63.98%)
EveboxWeb Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
Stars: ✭ 286 (-27.96%)
graylog-zeek-content-packBRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Stars: ✭ 18 (-95.47%)
ML-IDSAn IDS implementation using machine learning
Stars: ✭ 30 (-92.44%)
shortidSuper short, fully unique, non-sequential and URL-friendly Ids
Stars: ✭ 20 (-94.96%)
testmynids.orgA website and framework for testing NIDS detection
Stars: ✭ 55 (-86.15%)
TNSR IDSIDS using a port mirror, Snort and an alert -> RESTCONF utility
Stars: ✭ 30 (-92.44%)
bsmtraceBSM based intrusion detection system
Stars: ✭ 31 (-92.19%)
ansibleAnsible playbook automation for pfelk
Stars: ✭ 23 (-94.21%)
S1EMThis project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (-31.99%)
firewall-controllerA kubernetes controller running on bare-metal firewalls, creating nftables rules, configures suricata, collects network metrics
Stars: ✭ 37 (-90.68%)
pcapdjpcapdj - dispatch pcap files
Stars: ✭ 41 (-89.67%)
ProbeManagerCentralize Management of Intrusion Detection System like Suricata Bro Ossec ...
Stars: ✭ 73 (-81.61%)
UTMFWUTM Firewall on OpenBSD
Stars: ✭ 104 (-73.8%)
feverfast, extensible, versatile event router for Suricata's EVE-JSON format
Stars: ✭ 47 (-88.16%)
FragscapyFragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be used to evade firewalls and IDS.
Stars: ✭ 52 (-86.9%)
Pi.alertWIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices
Stars: ✭ 209 (-47.36%)
ScanrDetect x86 shellcode in files and traffic.
Stars: ✭ 16 (-95.97%)
NIDS-Intrusion-DetectionSimple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN
Stars: ✭ 45 (-88.66%)
DPDK SURICATA-4 1 1dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter
Stars: ✭ 81 (-79.6%)
Security OnionSecurity Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Stars: ✭ 2,956 (+644.58%)
youtube-playlist❄️ Extract links, ids, and names from a youtube playlist
Stars: ✭ 73 (-81.61%)
altprobecollector for XDR and security posture service
Stars: ✭ 62 (-84.38%)
QnsmQNSM is network security monitoring framework based on DPDK.
Stars: ✭ 334 (-15.87%)
wazuh-packagesWazuh - Tools for packages creation
Stars: ✭ 54 (-86.4%)
ids高效的分布式id生成器,每个客户端实例tps可达到100万,服务端毫无压力。即使服务端宕机了,id生成依然可用。支持多数据中心,支持id加密。
Stars: ✭ 47 (-88.16%)
nsm-attackMapping NSM rules to MITRE ATT&CK
Stars: ✭ 53 (-86.65%)
brimcapConvert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Stars: ✭ 22 (-94.46%)
WhidsOpen Source EDR for Windows
Stars: ✭ 188 (-52.64%)
hashids.pmHashids, ported for Perl
Stars: ✭ 15 (-96.22%)
rdppotRDP honeypot
Stars: ✭ 55 (-86.15%)
SigmaGeneric Signature Format for SIEM Systems
Stars: ✭ 4,418 (+1012.85%)
prickly-peteA script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)
Stars: ✭ 29 (-92.7%)
harshHashids implementation in Rust
Stars: ✭ 48 (-87.91%)
Sagan** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
Stars: ✭ 236 (-40.55%)
Wazuh DockerWazuh - Docker containers
Stars: ✭ 213 (-46.35%)
IPRadar2Real-time detection and defense against malicious network activity and policy violations (exploits, port-scanners, advertising, telemetry, state surveillance, etc.)
Stars: ✭ 20 (-94.96%)
WazuhWazuh - The Open Source Security Platform
Stars: ✭ 3,154 (+694.46%)
Hashids.jsA small JavaScript library to generate YouTube-like ids from numbers.
Stars: ✭ 3,525 (+787.91%)
S2ANS2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (-82.37%)
Remote-Integrity-ToolThe DearBytes remote integrity tool is an IDS (Intrusion Detection System) that keeps track of files on a remote server and logs an event if a file gets added, removed or modified.
Stars: ✭ 12 (-96.98%)
eewidsEasily Expandable Wireless Intrusion Detection System
Stars: ✭ 25 (-93.7%)
SuricataSuricata git repository maintained by the OISF
Stars: ✭ 2,274 (+472.8%)
PulledporkPulled Pork for Snort and Suricata rule management (from Google code)
Stars: ✭ 339 (-14.61%)
moleYara powered NIDS with high speed packet capture powered by PF_RING
Stars: ✭ 51 (-87.15%)
Threatbus🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-64.99%)
vagrant-idsAn Ubuntu 16.04 build containing Suricata, PulledPork, Bro, and Splunk
Stars: ✭ 21 (-94.71%)