BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
-
Updated
Apr 12, 2020
#
security-onion
Here are 27 public repositories matching this topic...
This project aims to enhance intrusion detection using Security Onion by integrating machine learning models for improved alert prioritization.
python security data-science machine-learning jupyter-notebook cybersecurity network-security intrusion-detection-system security-onion
-
Updated
Sep 25, 2024 - Jupyter Notebook
Collection of PatternDB files to parse Ubiquiti Unifi events into Security Onion's Syslog-NG and ELSA
-
Updated
Apr 24, 2017
Standalone Security Onion Setup + Network Simulation using Two Devices
-
Updated
Jul 6, 2024
YARA signature | YARA rule for Detecting Voldemort Malware
splunk malware threat-hunting cuckoo yara security-onion soar edr voldemort yara-rule voldemort-malware
-
Updated
Sep 9, 2024 - YARA
Test your IDS with a simple python2.7 SCAPY tool.
-
Updated
Apr 20, 2018 - Python
Security Onion Packet Capture Download scripts
-
Updated
Nov 10, 2019 - Python
Presenting a guide and systematic methodology for implementing securityonion / ELK elastic search stack. Checklists, Samples, Tips, and Tricks
-
Updated
Dec 29, 2020
A Security Onion deployment project for intrusion detection and log analysis. Includes standalone, pfSense, internal, and cloud scenarios with Suricata, Zeek, Wazuh, and ELK stack integration.
-
Updated
Aug 12, 2025
Security Operations Center: pfSense firewall, Security Onion IDS/IPS, Splunk SIEM, Wazuh EDR and Microsoft Defender for Endpoint — multi-layered threat monitoring, detection and incident response
splunk incident-response cybersecurity siem pfsense soc network-security security-onion wazuh security-lab security-operations-center
-
Updated
Jan 12, 2026
Security Onion
-
Updated
Apr 10, 2026 - Shell
Cybersecurity home lab — multi-VM environment (Windows, Linux, pfSense, Security Onion).
-
Updated
Jan 29, 2026
Full penetration test & SOC monitoring lab — Kali Linux, Metasploit, Security Onion 3.0
vagrant kibana cybersecurity penetration-testing suricata siem kali-linux ethical-hacking red-team metasploit security-onion blue-team
-
Updated
Apr 24, 2026
A fully segmented home SOC lab built on enterprise hardware with MikroTik networking, Proxmox virtualization, and a blue team tooling stack. Documented end to end.
mikrotik cybersecurity kali-linux vlan soc proxmox homelab security-onion wazuh zero-trust blue-team threat-detection home-lab network-segmentation
-
Updated
Jun 14, 2026
Python-based port scan detection pipeline using Zeek logs
-
Updated
Mar 19, 2026 - Python
Full-spectrum cyber operation lab demonstrating red team exploitation and blue team detection using Security Onion SIEM, Metasploit, and MITRE ATT&CK.
incident-response cybersecurity nmap siem soc red-team network-security metasploit security-onion blue-team mitre-attack
-
Updated
May 6, 2026
Full-stack enterprise security lab - firewall segmentation, SIEM/EDR, AD, and attack simulation on a single host.
portfolio virtualbox firewall incident-response active-directory cybersecurity xdr siem homelab ipfire security-onion blue-team edr threat-detection home-lab detection-engineering atomic-red-team soc-analyst soc-lab soc-engineering
-
Updated
May 27, 2026 - Shell
Security monitoring and log analysis — detection dashboards in Security Onion and Splunk.
-
Updated
May 13, 2026
Self-hosted NetBird VPN with Security Onion SIEM integration. Zero-trust mesh networking for secure cloud-local connectivity. 14.7M+ events monitored.
-
Updated
May 1, 2026 - HTML
Improve this page
Add a description, image, and links to the security-onion topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the security-onion topic, visit your repo's landing page and select "manage topics."