Detection and Hunting Signatures Logo

Detection and Hunting Signatures

0
Free
Visit Website

A set of interrelated network and host detection rules with the aim of improving detection and hunting visibility and context. Where applicable, each Snort rule includes metadata indicating the corresponding Yara and ClamAV rules, and each Yara signature also includes metadata to the corresponding Snort and ClamAV rules, and so on. Supported Rules Currently, Snort 3, Yara and ClamAV rules are supported. Additional singatures and formats are work in progress. Scripts Currently, only scripts available are used to aid in auto-generation of hash-based and certificate-based Yara rules.

FEATURES

ALTERNATIVES

A network responder supporting various protocols with minimal assumptions on client intentions.

An open source, self-hosted implementation of the Tailscale control server.

SSHGuard protects hosts from brute-force attacks by monitoring system logs, detecting attacks, and blocking attackers using a firewall.

A tool for enumerating X-Forwarded-For headers in HTTP requests

A free, open-source network protocol analyzer for capturing and displaying packet-level data.

Network metadata capture and analysis tool

A tool for creating custom policies for IEE policies

Automated signature creation using honeypots for network intrusion detection systems.