Application and service identification rules for Suricata

Suricata rule and intel index

Suricata Verification Tests - Testing Suricata Output

The tool for updating your Suricata rules.

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

Isolated, Scalable, & Lightweight Environment for Training

Modular visual interface for GDB in Python

"What if I tossed small pox into a room filled with sprinters after filling their water cups with red bull."

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Experimental modules for syslog-ng 3.5+

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, queueing, SQL & NoSQL.

Kippo - SSH Honeypot

Syntax checking hacks for vim

pathogen.vim: manage your runtimepath

A Vim plugin which shows git diff markers in the sign column and stages/previews/undoes hunks and partial hunks.

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

Scirius is a web application for Suricata ruleset management and threat hunting.

Improvements of/over the original rule2alert

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.

Wireshark plugin to display Suricata analysis info

ModSecurity agent for Sguil

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.