xisafe / suricata-rule Public

Notifications You must be signed in to change notification settings
Fork 14
Star 18

suricata IDS的规则，测试在用的，部分自写的规则视情况放出。

18 stars 14 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
.github/ISSUE_TEMPLATE		.github/ISSUE_TEMPLATE
iprep		iprep
rules		rules
README.md		README.md
classification.config		classification.config
disable.conf		disable.conf
reference.config		reference.config
suricata.yaml		suricata.yaml
threshold.config		threshold.config

Repository files navigation

suricata-rule

suricata IDS的规则，测试在用的，部分自写的规则视情况放出。规则如下

myself.rules 目前没有放出，主要是识别木马
botcc.rules
btc.rules
files.rules
cobaltstrike.rules
dnstunnel.rules
Mining_Behavior_Detection.rules
Maliciousbehavior.rules
mysql_general_log_file.rules
traffic_anomalies.rules
suspicious.rules
tor.rules
web.rules
empire.rules
webshell.rules
metasploit.rules
http-events.rules # available in suricata sources under rules dir
smtp-events.rules # available in suricata sources under rules dir
dns-events.rules # available in suricata sources under rules dir
tls-events.rules # available in suricata sources under rules dir
app-layer-events.rules
decoder-events.rules

About

suricata IDS的规则，测试在用的，部分自写的规则视情况放出。

Report repository

Releases

No releases published

Packages

No packages published