Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

Scirius is a web application for Suricata ruleset management and threat hunting.

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

The tool for updating your Suricata rules.

An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.

DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection

Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.

RDP honeypot

Configuring the Suricata IDS to detect DoS attacks by adding custom rule file.

Suricata rules that can detect a wide range of threats, including malware, exploits, and other malicious activity especially web application attacks

Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)

Application and service identification rules for Suricata

Check IOC provided by a MISP instance on Suricata events

Parse Suricata rules

Command-line tool to format and syntax highlight Suricata rules

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

Mass Suricata rules creator, from a list of domain

Create basic Suricata and Snort signatures to detect an inbound SSL Cert for a single domain as well as a domain in the outbound TLS SNI field.