Command line tool designed to set up, start and maintain Clear NDR installation.

Recipes used by stamusctl to create Clear NDR instances.

The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such as SIEM, DNS, Proxies, Firewalls, EDR, NDR and other that c…

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.

Syntax highlighting for suricata rules

An implementation of the pcapng capture file format encoding in Rust.

pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.

Main Sigma Rule Repository

ϲοｎｆｕѕаｂｌе＿һοｍоɡｌｙｐｈｓ

XDP project collaboration through a git-repo

The tool for updating your Suricata rules.

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.

Simple streaming pre-processor and enrichment tool for structured logs.

S4A main repository. SaltStack states, install script and build scripts

Source text and experimental data for our paper describing XDP

Your Everyday Threat Intelligence

AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for Red Hat Ansible Automation Platform.

Fast and easy tree structures.

Lightweight Elasticsearch compatible search server.

Mirror of the official OISF Suricata git repository

Suricata rules/pcap test platform

Public Repository of all Publicly Available Packet Captures that I've used or come across

Timelion was absorbed into Kibana 5. Don't use this. Time series composer for Elasticsearch and beyond.

DEPRECATED - Packet-journey, userland router which uses DPDK for its fastpath switching.

User guide of MISP

Functional Network Framework for Multi-Core Architectures

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

Command-line JSON processor

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform