Malcolm by cisagov

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

created at May 13, 2019, 6:35 p.m.

Python

53 -1

1,963 +8

331 +5

GitHub

SELKS by StamusNetworks

A Suricata based IDS/IPS/NSM distro

created at May 15, 2014, 1:13 p.m.

Shell

99 +0

1,479 +3

285 +0

GitHub

PacketStreamer by deepfence

Distributed tcpdump for cloud native environments

created at March 25, 2022, 2:31 p.m.

Go

12 +0

1,885 +4

251 -1

GitHub

scirius by StamusNetworks

Scirius is a web application for Suricata ruleset management and threat hunting.

created at May 4, 2014, 7:15 p.m.

Python

56 +0

635 +2

150 +1

GitHub

dalton by secureworks

Suricata and Snort IDS rule and pcap testing system

created at Aug. 15, 2017, 6:41 p.m.

Python

41 -3

451 +2

90 +0

GitHub

py-idstools by jasonish

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

created at July 12, 2013, 10:14 p.m.

Python

34 +0

276 +0

85 +0

GitHub

docker-suricata by jasonish

A Suricata Docker image.

created at Aug. 28, 2015, 6:07 a.m.

Shell

13 +0

263 +1

76 +0

GitHub

evebox by jasonish

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

created at May 22, 2014, 9:14 p.m.

Rust

43 +0

431 +1

67 +0

GitHub

leonidas by WithSecureLabs

Automated Attack Simulation in the Cloud, complete with detection use cases.

created at June 24, 2020, 6:43 p.m.

Python

26 +1

497 +12

60 +0

GitHub

gonids by google

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

created at Nov. 17, 2016, 7:50 p.m.

Go

12 +0

180 +0

48 +0

GitHub

Amsterdam by StamusNetworks

Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS

created at Aug. 23, 2015, 4:17 p.m.

Python

26 +0

184 +0

42 +0

GitHub

hunting-rules by travisbgreen

Suricata rules for network anomaly detection

created at Nov. 11, 2018, 5:53 p.m.

Unknown languages

16 +0

153 +0

41 +0

GitHub

OTX-Suricata by AlienVault-OTX

The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX account.

created at Feb. 23, 2016, 10:56 p.m.

Python

18 +0

107 +1

32 +0

GitHub

Suricata-Logstash-Templates by pevma

Templates for Kibana/Logstash to use with Suricata IDPS

created at March 30, 2014, 6:32 p.m.

Unknown languages

17 +0

80 +0

30 +0

GitHub

SEPTun by pevma

Suricata Extreme Performance Tuning guide

created at Dec. 23, 2016, 4:23 p.m.

Makefile

22 +0

204 +1

22 +0

GitHub

SEPTun-Mark-II by pevma

Suricata Extreme Performance Tuning guide - Mark II

created at March 8, 2018, 8:38 a.m.

Makefile

10 +0

113 +0

17 +0

GitHub

KTS5 by StamusNetworks

Kibana 5 Templates for Suricata IDPS

created at April 7, 2017, 3:26 p.m.

Python

17 +0

43 +0

15 +0

GitHub

KTS by StamusNetworks

Kibana 4 Templates for Suricata IDPS

created at March 12, 2016, 12:26 a.m.

Shell

12 +0

33 +0

14 +0

GitHub

suriwire by regit

Wireshark plugin to display Suricata analysis info

created at Sept. 28, 2011, 11:12 p.m.

Lua

4 +0

91 +0

12 +0

GitHub

suricata-4-analysts by StamusNetworks

The Security Analyst’s Guide to Suricata

created at Oct. 21, 2022, 3:05 p.m.

Python

8 +1

52 +1

12 +0

GitHub