A Suricata based IDS/IPS/NSM distro
Updated Apr 24, 2024 - Shell
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Open-source framework to detect outliers in Elasticsearch events
Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)
Monitor macOS for malicious activity
A security monitoring solution for Kubernetes
Threat-hunting tool for Linux
LDAP Watchdog: A real-time Linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, modifications, and deletions for administrators and security researchers.
Defensomania is a security monitoring and incident response card game.
Using nix(DevOps) to deploy Network Security Monitoring System on Debian
Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s
A PowerShell client for retrieving and searching Sysmon logs
O24Sec (Object-Oriented Clustering for Security Monitoring)
A Passive DNS backend and collector
This repo creates a docker image for NGINX Management Suite to run it on Kubernetes/Openshift. Optional integration with Second Sight.
Carthage is a comprehensive, all-in-one application monitoring, logging, error handling, and metrics collection solution
This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to set up a Suricata Port Mirrored Server
Firehose ElasticSearch Kibana Stack for Security Monitoring
Some of my security-related coding projects for OpenBSD: A kernel-based user-profile intrusion detection system (FUPIDS) and an ICMP-based "port-knocking" service (openportd).