⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐

Pulled Pork for Snort and Suricata rule management (from Google code)

psad: Intrusion Detection and Log Analysis with iptables

Evasion by machine code de-optimization.

A website and framework for testing NIDS detection

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

Detection in the form of Yara, Snort and ClamAV signatures.

The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.

Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types

Snort FAQ

自己收藏的常用dockerfile

Snort IDS/IPS log analytics using the Elastic Stack.

A website and framework for testing NIDS detection

Deploy pfelk with docker-compose

Collection of Suricata rule sets that I use modified to my environments.

Collection of Snort 2/3 rules.

IDS using a port mirror, Snort and an alert -> RESTCONF utility

Network Tools

This is an open source Snort rules repository

SNORT GUI: sniff sniffs the baddies and helps you setup SNORT ids in your network