#Suricata
Showing 17 of 17 repositories tagged #suricata, ranked by stars
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
A Suricata based NDR distribution
Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
Tenzir is the data pipeline engine for security teams.
Scirius is a web application for Suricata ruleset management and threat hunting.
QNSM is network security monitoring framework based on DPDK.
Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
This project is a SIEM with SIRP and Threat Intel, all in one.
Evasion by machine code de-optimization.
Suricata rules for network anomaly detection
I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump, IDS (Suricata), SIEM (Splunk, Chronicle), and Python automation.
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
Web interface to explore Suricata EVE outputs
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Complete Claude skills toolkit for professional malware analysis. 5 specialized skills covering triage, dynamic analysis, detection engineering, and reporting. Works with REMnux/FlareVM offline environments.
IDPS-ESCAPE: Intrusion Detection and Prevention System - Enhanced Security through a Cooperative Anomaly Prediction Engine. SOAR via a Risk-aware Anomaly Detection-based Automated Response (RADAR) subsystem and a deep learning-based AD subsystem (SONAR), integrated with Wazuh, Flowintel, Suricata