Malcolm by cisagov

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

created at May 13, 2019, 6:35 p.m.

Python

54 +1

2,000 +14

334 +2

GitHub
PacketStreamer by deepfence

Distributed tcpdump for cloud native environments

created at March 25, 2022, 2:31 p.m.

Go

12 +0

1,890 +1

251 +0

GitHub
SELKS by StamusNetworks

A Suricata based IDS/IPS/NSM distro

created at May 15, 2014, 1:13 p.m.

Shell

100 +0

1,492 +4

285 +0

GitHub
scirius by StamusNetworks

Scirius is a web application for Suricata ruleset management and threat hunting.

created at May 4, 2014, 7:15 p.m.

Python

56 +0

636 +0

150 +0

GitHub
leonidas by WithSecureLabs

Automated Attack Simulation in the Cloud, complete with detection use cases.

created at June 24, 2020, 6:43 p.m.

Python

26 +0

535 +6

63 +1

GitHub
dalton by secureworks

Suricata, Snort and Zeek IDS rule and pcap testing system

created at Aug. 15, 2017, 6:41 p.m.

Python

40 +0

460 +0

92 +0

GitHub
evebox by jasonish

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

created at May 22, 2014, 9:14 p.m.

Rust

43 +0

433 +0

67 +0

GitHub
py-idstools by jasonish

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

created at July 12, 2013, 10:14 p.m.

Python

34 +0

278 +1

86 +1

GitHub
docker-suricata by jasonish

A Suricata Docker image.

created at Aug. 28, 2015, 6:07 a.m.

Shell

14 +0

269 +1

75 +0

GitHub
SEPTun by pevma

Suricata Extreme Performance Tuning guide

created at Dec. 23, 2016, 4:23 p.m.

Makefile

22 +0

204 +0

22 +0

GitHub
Amsterdam by StamusNetworks

Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS

created at Aug. 23, 2015, 4:17 p.m.

Python

26 +0

184 +0

42 +0

GitHub
gonids by google

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

created at Nov. 17, 2016, 7:50 p.m.

Go

12 +0

180 +0

49 +1

GitHub
hunting-rules by travisbgreen

Suricata rules for network anomaly detection

created at Nov. 11, 2018, 5:53 p.m.

Unknown languages

16 +0

154 +0

42 +0

GitHub
SEPTun-Mark-II by pevma

Suricata Extreme Performance Tuning guide - Mark II

created at March 8, 2018, 8:38 a.m.

Makefile

10 +0

114 +1

17 +0

GitHub
OTX-Suricata by AlienVault-OTX

The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX account.

created at Feb. 23, 2016, 10:56 p.m.

Python

18 +0

107 +0

32 +0

GitHub
suriwire by regit

Wireshark plugin to display Suricata analysis info

created at Sept. 28, 2011, 11:12 p.m.

Lua

4 +0

92 +0

12 +0

GitHub
Suricata-Logstash-Templates by pevma

Templates for Kibana/Logstash to use with Suricata IDPS

created at March 30, 2014, 6:32 p.m.

Unknown languages

17 +0

80 +0

30 +0

GitHub
suricata-language-server by StamusNetworks

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.

created at Jan. 3, 2022, 2:10 p.m.

Python

7 +0

66 +1

8 +0

GitHub
opnsense-suricata-nmaps by aleksibovellan

OPNSense's Suricata IDS/IPS Detection Rules Against NMAP Scans

created at June 4, 2023, 11:56 p.m.

Unknown languages

1 +0

59 +1

4 +0

GitHub
suricata-4-analysts by StamusNetworks

The Security Analyst’s Guide to Suricata

created at Oct. 21, 2022, 3:05 p.m.

Python

8 +0

53 +0

12 +0

GitHub