  • Stars: 620
  • Rank: 71,924 (Top 2 %)
  • Language: Python
  • License: GNU General Publi...
  • Created: over 10 years ago
  • Updated: about 2 months ago


Repository Details

Scirius is a web application for Suricata ruleset management and threat hunting.

Scirius

Introduction

Scirius Community Edition is a web interface dedicated to Suricata ruleset management. It handles the rules files and updates the associated files.

(Screenshot: Suricata page)

Scirius CE is developed by Stamus Networks and is available under the GNU GPLv3 license.

Features

Scirius can build a Suricata ruleset composed of different sources. Sources (feeds) can be picked from the public sources published by OISF or can be custom.

(Screenshot: public sources from OISF)

Scirius takes care of refreshing the sources and composing the ruleset by applying your transformations to it.

(Screenshot: Ruleset with 5 sources)

Transformations such as disabling a rule or applying a threshold (to lower the noise only) can be applied per rule or at the category level.

(Screenshot: Rule page)

Scirius also presents statistics on rule activity to provide insight and facilitate tuning.

Get Help

Documentation

Scirius Documentation is on readthedocs.

Support

You can join the #SELKS IRC channel on irc.freenode.net to get help.

You can also ask Scirius-related questions on the SELKS Forum.

Report an issue

You can report an issue on the GitHub issue page.

Contributing

From improving the documentation to coding new features, there is more than one way to contribute to Scirius. For all contributions, please use a Pull Request on GitHub.

More Repositories

1. SELKS: A Suricata based IDS/IPS/NSM distro (Shell, 1,420 stars)
2. Amsterdam: Docker based Suricata, Elasticsearch, Logstash, Kibana, Scirius aka SELKS (Python, 183 stars)
3. gophercap: Accurate, modular, scalable PCAP manipulation tool written in Go (Go, 84 stars)
4. suricata-language-server: Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured. (Python, 60 stars)
5. suricata-4-analysts: The Security Analyst's Guide to Suricata (Python, 49 stars)
6. KTS5: Kibana 5 Templates for Suricata IDPS (Python, 43 stars)
7. KTS7: Kibana 7 Templates for Suricata IDPS Threat Hunting (38 stars)
8. KTS: Kibana 4 Templates for Suricata IDPS (Shell, 33 stars)
9. suricata-analytics (Jupyter Notebook, 25 stars)
10. KTS6: Kibana 6 Templates for Suricata IDPS Threat Hunting (Python, 25 stars)
11. surimisp: Check IOC provided by a MISP instance on Suricata events (Python, 17 stars)
12. ansible-misp: Ansible playbook to install Malware Information Sharing Platform (MISP) (17 stars)
13. bpfctrl: Utility based on bpftool to manage eBPF maps (Python, 12 stars)
14. stamus_for_splunk: The Stamus Networks App for Splunk allows Splunk Enterprise users to extract information and insights from both the Stamus Security Platform and open source Suricata sensors. (Python, 11 stars)
15. scirius-docker: Scirius docker container (Shell, 9 stars)
16. suricata-docker (Python, 7 stars)
17. selks-scripts: SELKS scripts (Shell, 7 stars)
18. stamus-luajit-scripts: Stamus luajit scripts for use with Suricata IDPS (Lua, 4 stars)
19. suricata-ls-vscode: VScode part of the Suricata Language Server (TypeScript, 3 stars)
20. pktcity-js: 3D visualization of Suricata alerts (JavaScript, 2 stars)
21. labs: Stamus Labs content (1 star)
22. stamus-qa-docker: Dockerfile used for QA (Dockerfile, 1 star)