suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐

A Suricata based IDS/IPS/NSM distro

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

Tenzir is the data pipeline engine for security teams.

Scirius is a web application for Suricata ruleset management and threat hunting.

QNSM is network security monitoring framework based on DPDK.

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

Pulled Pork for Snort and Suricata rule management (from Google code)

This project is a SIEM with SIRP and Threat Intel, all in one.

Evasion by machine code de-optimization.

Nmap&Zmap特征识别，绕过IDS探测

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

A Suricata Docker image.

The tool for updating your Suricata rules.

A website and framework for testing NIDS detection

Suricata IDS/IPS log analytics using the Elastic Stack.

An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule