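Suricata IDS rules for detecting red-team penetration, malicious behavior and similar activity; supports detection of CobaltStrike, MSF, Empire, DNS tunneling, Weevely, China Chopper (菜刀), Behinder (冰蝎), cryptomining, reverse shells, ICMP tunneling and more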
CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Suricata rules for network anomaly detection
OPNSense's Suricata IDS/IPS Detection Rules Against NMAP Scans
Collection of Suricata rule sets that I use, modified for my environments.
CVE-2020-16899 - Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule
Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
Golang Suricata/Snort rules parser and generator
Snort and Suricata Rules
Kibana logging for simple_lamp server