PacketStreamer by deepfence

Distributed tcpdump for cloud native environments

created at March 25, 2022, 2:31 p.m.

13 +0

1,855 +2

252 +0

Malcolm by cisagov

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

created at May 13, 2019, 6:35 p.m.

54 +1

1,738 +9

285 +0

SELKS by StamusNetworks

A Suricata based IDS/IPS/NSM distro

created at May 15, 2014, 1:13 p.m.

93 +0

1,169 +8

260 +0

scirius by StamusNetworks

Scirius is a web application for Suricata ruleset management and threat hunting.

created at May 4, 2014, 7:15 p.m.

55 +0

590 +3

149 +0

leonidas by WithSecureLabs

Automated Attack Simulation in the Cloud, complete with detection use cases.

created at June 24, 2020, 6:43 p.m.

26 +0

462 +1

58 +0

dalton by secureworks

Suricata and Snort IDS rule and pcap testing system

created at Aug. 15, 2017, 6:41 p.m.

43 +0

428 +1

86 +0

evebox by jasonish

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

created at May 22, 2014, 9:14 p.m.

40 +0

399 -2

67 +0

py-idstools by jasonish

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

created at July 12, 2013, 10:14 p.m.

34 +0

268 +0

81 -5

docker-suricata by jasonish

A Suricata Docker image.

created at Aug. 28, 2015, 6:07 a.m.

14 +0

222 +1

70 +0

SEPTun by pevma

Suricata Extreme Performance Tuning guide

created at Dec. 23, 2016, 4:23 p.m.

22 +0

199 +0

27 +0

Amsterdam by StamusNetworks

Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS

created at Aug. 23, 2015, 4:17 p.m.

26 +0

184 +0

42 +0

gonids by google

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

created at Nov. 17, 2016, 7:50 p.m.

13 +0

175 +0

58 +0

hunting-rules by travisbgreen

Suricata rules for network anomaly detection

created at Nov. 11, 2018, 5:53 p.m.

16 +0

140 +2

41 +0

SEPTun-Mark-II by pevma

Suricata Extreme Performance Tuning guide - Mark II

created at March 8, 2018, 8:38 a.m.

10 +0

108 +0

18 +0

OTX-Suricata by AlienVault-OTX

The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX account.

created at Feb. 23, 2016, 10:56 p.m.

17 +0

96 +0

36 +0

suriwire by regit

Wireshark plugin to display Suricata analysis info

created at Sept. 28, 2011, 11:12 p.m.

4 +0

88 +0

15 +0

Suricata-Logstash-Templates by pevma

Templates for Kibana/Logstash to use with Suricata IDPS

created at March 30, 2014, 6:32 p.m.

17 +0

78 +0

30 +0

suricata-language-server by StamusNetworks

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.

created at Jan. 3, 2022, 2:10 p.m.

6 +0

55 +0

5 +0

fever by DCSO

fast, extensible, versatile event router for Suricata's EVE-JSON format

created at Oct. 24, 2018, 3:28 p.m.

6 +0

48 +0

8 +0

suricata-4-analysts by StamusNetworks

The Security Analyst’s Guide to Suricata

created at Oct. 21, 2022, 3:05 p.m.

6 +0

45 +0

9 +0