#
suricata
Here are 104 public repositories matching this topic...
A Suricata based IDS/IPS distro
-
Updated
Oct 28, 2020 - Shell
Scirius is a web application for Suricata ruleset management.
-
Updated
Nov 30, 2020 - Python
Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
-
Updated
Aug 18, 2020
QNSM is network security monitoring framework based on DPDK.
-
Updated
Apr 15, 2020 - C
CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
microsoft
lua
windows-10
rce
suricata
atr
cve
neighbor-discovery
buffer-overflow
mcafee
neighbor-discovery-protocol
suricata-rule
icmpv6
buffer-overflow-vulnerability
tcpip-stack
cve-2020-16898
bad-neighbor
badneighbor
-
Updated
Oct 26, 2020 - Lua
idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
-
Updated
Aug 3, 2020 - Python
An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.
raspberry-pi
iot
monitor
raspberrypi
bro
suricata
intrusion-detection
raspbian
securityonion
internetofthings
-
Updated
Jun 30, 2018 - Python
Suricata IDS/IPS log analytics using the Elastic Stack.
-
Updated
Jul 25, 2020 - Shell
A lightweight tool to score network traffic and flag anomalies
-
Updated
Jan 13, 2020 - Go
gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
-
Updated
Sep 22, 2020 - Go
DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
python
elasticsearch
kibana
logstash
netflow
ipfix
python3
dashboards
suricata
network-analysis
agents
network-traffic
zeek
dynamite-nsm
-
Updated
Dec 4, 2020 - Python
Cyber Defence Monitoring Course Suite :: TICK, Suricata, Moloch
-
Updated
Mar 17, 2020 - Jupyter Notebook
add dpdk interface and packet processing to suricata in worker mode
-
Updated
Aug 7, 2020 - C
Suricata 4.1.2+ rules for network anomaly detection
-
Updated
Sep 21, 2020
A website and framework for testing NIDS detection
-
Updated
Jul 13, 2020 - Shell
dpdk infrastructure for software acceleration. Currently working on RX and ACL pre-filter
-
Updated
Oct 21, 2020 - C
Collector
alert
waf
suricata
ids
collector
hids
nids
modsecurity
normalization
wazuh
falco
docker-security
agregation
edr
priority-events
netflow-collector
-
Updated
Dec 3, 2020 - C++
Mapping NSM rules to MITRE ATT&CK
-
Updated
Aug 29, 2020
pcapdj - dispatch pcap files
-
Updated
Jul 28, 2020 - C
King-Konsto
commented
Mar 7, 2019
It would be great to match against known bad TLS certificate fingerprints and/or serial numbers with a bloomfilter. I see to possibilities here:
- Include bad fingerprints/serial numbers in default bloomfilter and match against the belonging fields in tls eve output.
- Include bad fingerpints/serial numbers in a sort of blacklist and match against the fingerprint/serial number feld in tls eve
Improve this page
Add a description, image, and links to the suricata topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the suricata topic, visit your repo's landing page and select "manage topics."
At the moment, we have some first unit tests. This is fine to check correctness at a fine granularity.
It would be nice as well to have a test case running somewhere that tests a combination of inputs against an actual backend and checks whether queries are correct, both using the GraphQL frontend and backend-specific query methods.