Malcolm by cisagov

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

updated at June 9, 2024, 10:02 a.m.

54 +0

1,792 +6

297 +0

hunting-rules by travisbgreen

Suricata rules for network anomaly detection

updated at June 8, 2024, 6:07 a.m.

16 +0

146 +1

41 +0

scirius by StamusNetworks

Scirius is a web application for Suricata ruleset management and threat hunting.

updated at June 8, 2024, 3:53 a.m.

55 +0

602 +3

148 +0

PacketStreamer by deepfence

Distributed tcpdump for cloud native environments

updated at June 8, 2024, 12:36 a.m.

13 +0

1,856 -1

254 +1

gonids by google

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

updated at June 7, 2024, 6:40 p.m.

13 +0

176 +1

50 -8

aristotle by secureworks

None

updated at June 7, 2024, 6:04 p.m.

8 +0

29 +1

8 +0

fever by DCSO

fast, extensible, versatile event router for Suricata's EVE-JSON format

updated at June 7, 2024, 4:41 p.m.

6 +0

49 +1

8 +0

docker-suricata by jasonish

A Suricata Docker image.

updated at June 7, 2024, 3:36 p.m.

13 +0

229 +2

73 +1

suricata-style-guide by sidallocation

Suricata community style guide

updated at June 7, 2024, 12:26 p.m.

NEW!

5 +0

3 +0

0 +0

suricatax-rule-parser-rs by jasonish

None

updated at June 6, 2024, 6:51 p.m.

3 +0

8 +1

3 +1

suricata_exporter by corelight

A Prometheus Exporter for Suricata

updated at June 6, 2024, 9:32 a.m.

4 +0

11 +0

10 +0

suricata-language-server by StamusNetworks

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.

updated at June 5, 2024, 9:06 p.m.

6 +0

56 +1

6 +1

SELKS by StamusNetworks

A Suricata based IDS/IPS/NSM distro

updated at June 5, 2024, 7:53 p.m.

93 +0

1,190 +3

260 +0

SEPTun by pevma

Suricata Extreme Performance Tuning guide

updated at June 5, 2024, 1:43 p.m.

22 +0

201 +1

27 +0

suricata-prettifier by theY4Kman

Command-line tool to format and syntax highlight Suricata rules

updated at June 4, 2024, 11:05 p.m.

3 +0

12 +1

2 +0

Suricata-Monitoring by VVelox

LibreNMS JSON / Nagios monitor for Suricata stats.

updated at June 4, 2024, 4:24 a.m.

2 +0

0 +0

0 +0

evebox by jasonish

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

updated at June 4, 2024, 1:57 a.m.

41 +0

408 +1

67 +0

dalton by secureworks

Suricata and Snort IDS rule and pcap testing system

updated at June 3, 2024, 1:57 p.m.

43 +0

431 +1

85 +0

opnsense-suricata-nmaps by aleksibovellan

OPNSense's Suricata IDS/IPS Detection Rules Against NMAP Scans

updated at June 2, 2024, 8:35 p.m.

1 +0

30 +1

3 +0

SEPTun-Mark-II by pevma

Suricata Extreme Performance Tuning guide - Mark II

updated at June 2, 2024, 3:51 p.m.

10 +0

112 +1

17 +0