Detection and Hunting Signatures

Free

A set of interrelated network and host detection rules with the aim of improving detection and hunting visibility and context. Where applicable, each Snort rule includes metadata indicating the corresponding Yara and ClamAV rules, each Yara signature includes metadata pointing to the corresponding Snort and ClamAV rules, and so on.

Supported Rules

Currently, Snort 3, Yara and ClamAV rules are supported. Additional signatures and formats are a work in progress.

Scripts

Currently, the only scripts available aid in the auto-generation of hash-based and certificate-based Yara rules.

ALTERNATIVES

A technique to encode data within DNS queries for covert communication channels.

Django based web application for network traffic analysis with protocol handling capabilities.

A tool for exploiting HTTP/2 cleartext smuggling vulnerabilities

Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.

A honeypot system designed to detect and analyze potential security threats

Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.

Stenographer is a high-performance full-packet-capture utility for intrusion detection and incident response purposes.

Network metadata capture and analysis tool