suricata-rule

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

Suricata rules for network anomaly detection

OPNSense's Suricata IDS/IPS Detection Rules Against NMAP Scans

Collection of Suricata rule sets that I use modified to my environments.

Pure python parser for Snort/Suricata rules.

CVE-2020-16899 - Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule

此Suricata IDS Rules 用于检测网络攻击行为，支持常见C2工具/中间件漏洞利用/Frp隧道/HTTP隧道/TCP隧道/常见webshell/redis未授权/Shiro反序列化/Fastjson反序列化/挖矿/SQL注入等特征

Ripple20 Critical Vulnerabilities - Detection Logic and Signatures

Golang Suricata/Snort rules parser and generator

Porting Suricata to Bro signatures

Snort and Suricata Rules

Kibana logging for simple_lamp server