idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
Updated Nov 1, 2023 - Python
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
SNORT GUI: Your very own trusted blue-team forensic companion for SNORT IDS.
A tool for simplifying network administration. Gets log messages from Snort IDS, processes them, classifies them as either THREAT / NOT_THREAT, then creates a pop-up window in case of a threat.
My personal research repository for a Master Degree in Computer Technology @ University of Computer Studies, Mandalay (UCSM).
SigZap is a Streamlit application designed to facilitate the search across multiple network signature sets at once.
A quick and easy way to turn traffic generated by an exploit script into network capture (i.e. PCAP) files.
Ryu based Software Defined Network applications implementing a Digital Forensic Readiness framework using the Snort IDS.
Tool that 'plays' Snort rules as network traffic. Useful for validating if existing toolsets will detect malicious traffic.
A new network detection format (Sigma-like, but for network traffic).
SNORT add-on and installation.
Given a file containing a list of fully qualified DNS domains, quickburn generates IDS rules which detect those domains (and their subdomains) in DNS queries, the HTTP Host header, or TLS SNI (or all of the above!)
Basic implementation of Snort as an IDS to detect certain attacks.