Showing 36 of 63 projects
A real-time web log analyzer and interactive viewer that runs in a terminal or a browser for instant server monitoring.
A high-level tracing language for Linux that leverages eBPF for efficient system and application observability.
An all-in-one, optionally distributed, multi-architecture honeypot platform with 20+ honeypots, visualization via Elastic Stack, and live attack maps.
A malicious traffic detection system that monitors network traffic for blacklisted threats and suspicious activities using public feeds and heuristics.
An open-source, large-scale network packet capture, indexing, and analysis system for security and network monitoring.
A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
An open-source host-based intrusion detection system (HIDS) performing log analysis, file integrity checking, rootkit detection, and active response.
A curated list of awesome open-source tools, detection rules, datasets, and resources for threat detection and hunting.
A binary and file access authorization system for macOS that monitors and controls application execution.
An endpoint visibility and collection tool using the Velociraptor Query Language (VQL) for host-based state information gathering.
A Linux distribution for threat hunting, enterprise security monitoring, and log management.
A modular repository of Sysmon configuration modules for customizable endpoint detection and logging.
An open-source Runtime Application Self-Protection (RASP) solution that integrates security directly into application servers via instrumentation.
Snort and YARA rules to detect attacks using FireEye's red team tools, released after their 2020 breach disclosure.
A centralized management and data collection server for deploying and monitoring multiple honeypot sensors.
A powerful, easily deployable network traffic analysis tool suite for PCAP files, Zeek logs, and Suricata alerts.
Monitor GitHub for sensitive information leaks in near real-time and send alert notifications.
A production-ready auditd configuration for Linux security monitoring that works out-of-the-box across major distributions.
A lightweight SSH honeypot that logs all connection attempts and activity without executing commands.
A Linux distribution built around Suricata that provides a complete network detection and response (NDR) platform.
A libpcap-based package for extracting and analyzing network flow data in JSON format for security research and monitoring.
A collection of Windows Event Forwarding configurations and subscriptions for centralized security event collection and incident detection.
A Python package with 30 low- to high-interaction honeypots for monitoring network traffic, bots, and credential attacks.
A centralized platform for security monitoring and analysis, integrating big data technologies for log aggregation, threat detection, and behavioral analytics.
A low-interaction SSH honeypot that logs attacker IPs, usernames, and passwords for security intelligence.
A curated collection of Event ID resources for digital forensics and incident response professionals.
An LLM-powered web honeypot that dynamically crafts realistic HTTP responses to mimic various applications and detect malicious traffic.
An open-source security analytics platform that integrates big data technologies for centralized security monitoring, threat detection, and investigation.
A network fingerprinting standard that identifies SSH client and server implementations via MD5 hashes of the algorithm lists they advertise during key exchange.
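As an added illustration of the fingerprinting idea in the entry above (this is example code written for this page, not code from the catalogued project), the block below parses a raw SSH_MSG_KEXINIT payload (RFC 4253 section 7.1) and hashes the advertised algorithm lists. It assumes the HASSH layout: the client fingerprint is the MD5 of `kex;enc_c2s;mac_c2s;comp_c2s` and the server fingerprint the MD5 of `kex;enc_s2c;mac_s2c;comp_s2c`, each component being the comma-separated name-list exactly as sent on the wire. The sample KEXINIT is constructed inline and is not a capture from a real client; the function and field names are this example's own.

```python
"""Compute HASSH-style SSH fingerprints from a raw SSH_MSG_KEXINIT payload.

Added example, not a catalogued project's code. Assumed layout:
  client: md5("kex;enc_c2s;mac_c2s;comp_c2s")
  server: md5("kex;enc_s2c;mac_s2c;comp_s2c")
"""
import hashlib
import struct

SSH_MSG_KEXINIT = 20

# Order of the ten name-lists inside SSH_MSG_KEXINIT (RFC 4253 section 7.1).
KEXINIT_FIELDS = (
    "kex", "hostkey",
    "enc_c2s", "enc_s2c",
    "mac_c2s", "mac_s2c",
    "comp_c2s", "comp_s2c",
    "lang_c2s", "lang_s2c",
)


def _read_name_list(buf: bytes, off: int):
    """Read one uint32-length-prefixed name-list; reject truncated input."""
    if off + 4 > len(buf):
        raise ValueError("truncated KEXINIT: missing length prefix")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated KEXINIT: name-list runs past payload")
    return buf[off:off + n].decode("ascii"), off + n


def parse_kexinit(payload: bytes) -> dict:
    """Return the ten name-lists of a KEXINIT payload keyed by KEXINIT_FIELDS."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off = 17  # 1 message byte + 16-byte random cookie
    fields = {}
    for name in KEXINIT_FIELDS:
        fields[name], off = _read_name_list(payload, off)
    return fields


def hassh_string(fields: dict, server: bool = False) -> str:
    """Join the four lists that go into the hash, in the assumed HASSH order."""
    side = "s2c" if server else "c2s"
    return ";".join([fields["kex"], fields[f"enc_{side}"],
                     fields[f"mac_{side}"], fields[f"comp_{side}"]])


def hassh(payload: bytes, server: bool = False) -> str:
    """MD5 hex digest of the joined algorithm lists (client or server side)."""
    text = hassh_string(parse_kexinit(payload), server)
    return hashlib.md5(text.encode("ascii")).hexdigest()


def build_kexinit(**lists: str) -> bytes:
    """Serialize a KEXINIT payload with a zero cookie (fine for hashing,
    never for a real handshake)."""
    body = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16
    for name in KEXINIT_FIELDS:
        v = lists.get(name, "").encode("ascii")
        body += struct.pack(">I", len(v)) + v
    body += b"\x00" + b"\x00\x00\x00\x00"  # first_kex_packet_follows=false, reserved
    return body


# Constructed sample: a plausible client advertisement, not a real capture.
SAMPLE_CLIENT = build_kexinit(
    kex="curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256",
    hostkey="ssh-ed25519,rsa-sha2-512",
    enc_c2s="chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
    enc_s2c="chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
    mac_c2s="hmac-sha2-256-etm@openssh.com,hmac-sha2-256",
    mac_s2c="hmac-sha2-256-etm@openssh.com,hmac-sha2-256",
    comp_c2s="none,zlib@openssh.com",
    comp_s2c="none,zlib@openssh.com",
)

# Same algorithms, different kex order: a distinct implementation fingerprint.
SAMPLE_REORDERED = build_kexinit(
    kex="ecdh-sha2-nistp256,curve25519-sha256,diffie-hellman-group14-sha256",
    hostkey="ssh-ed25519,rsa-sha2-512",
    enc_c2s="chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
    enc_s2c="chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
    mac_c2s="hmac-sha2-256-etm@openssh.com,hmac-sha2-256",
    mac_s2c="hmac-sha2-256-etm@openssh.com,hmac-sha2-256",
    comp_c2s="none,zlib@openssh.com",
    comp_s2c="none,zlib@openssh.com",
)

if __name__ == "__main__":
    print("hassh       :", hassh(SAMPLE_CLIENT))
    print("hasshServer :", hassh(SAMPLE_CLIENT, server=True))
    print("reordered   :", hassh(SAMPLE_REORDERED))
```

The point the example makes is that the fingerprint depends on the order of the lists, not just their contents, so two clients supporting the same algorithms but preferring them differently hash to different values; conversely, an attacker who mimics a common client's exact lists gets its fingerprint, so treat it as an indicator, not an identity.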
A serverless application to create and monitor fake HTTP endpoints (URL honeytokens) on AWS Lambda and API Gateway.
A collection of example YARA-L detection rules and dashboards for Google Security Operations (SecOps).
A web-based GUI for viewing and managing Suricata EVE security events stored in Elasticsearch or SQLite.
A PowerShell module collection for agentless artifact gathering and reconnaissance on Windows endpoints.
A fully open-source audit logs service with an embeddable UI, designed for easy deployment to your own Kubernetes cluster.
A modular OSINT honeypot that monitors adversary reconnaissance attempts and generates early-warning intelligence for blue teams.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.