snort-rules
py-idstools
snort-rules | py-idstools | |
---|---|---|
1 | 1 | |
153 | 268 | |
- | - | |
3.8 | 5.6 | |
about 3 years ago | 6 months ago | |
C | Python | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
snort-rules
py-idstools
-
Regex Challenge - Field Extraction
I like this a lot. We have a in-house Snort 2 forwarder that does a similar thing with https://github.com/jasonish/py-idstools and forwards the result directly using HEC. We could use the same code base for dnstap if we wanted.
What are some alternatives?
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
wazuh-ruleset - Wazuh - Ruleset
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Malcolm - Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
security-onion - Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Fail2Ban - Daemon to ban hosts that cause multiple authentication errors
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
pulledpork - Pulled Pork for Snort and Suricata rule management (from Google code)