A protocol-agnostic, low-interaction honeypot that intercepts and logs network traffic to analyze malicious activities.
A daily updated summary of the most frequent security advisories from multiple global CERTs and threat intelligence sources.
A Splunk-based platform for deploying honeypots and analyzing attacker sessions with intelligence dashboards and threat feeds.
A Telnet honeypot that logs failed login attempts to track botnet activity like Mirai.
A curated list of awesome tools, libraries, dashboards, and resources for the Suricata intrusion detection/prevention system.
Real-time visualization of GPS events on an interactive SVG world map using websockets.
An open-source SIEM system built with Python Django for log management, risk assessment, and asset tracking.
A lightweight authenticated publish-subscribe protocol for binary data feeds, commonly used in security monitoring.
A honeypot designed to detect and log attacks targeting Elasticsearch remote code execution vulnerabilities.
A high-interaction SSH honeypot that logs and proxies attacker connections to a real SSH server.
A curated collection of awesome apps, visualizations, and resources for the Splunk data platform.
A Docker-based honeypot that creates disposable containers to capture and analyze attack attempts.
An open-source framework for receiving, processing, and redistributing abuse feeds and threat intelligence.
A comprehensive performance tuning guide for optimizing Suricata IDS/IPS deployments in high-throughput network environments.
An automated scanner and web dashboard for tracking TLS deployment across news organizations.
A low-to-medium interaction SSH honeypot written in Go that captures terminal sessions and logs attacker activity.
A web interface for exploring Suricata EVE outputs, designed for CTF players to analyze network flows during attack-defense games.
A low-interaction honeypot that catches attacks against TCP and UDP services by emulating protocols, mirroring, or proxying connections.
A honeypot that detects and logs exploitation attempts targeting the Log4Shell vulnerability (CVE-2021-44228).
A tool to normalize, index, enrich, and visualize network packet captures (pcap) using Redis and interactive web graphics.
A set of Suricata IDS/IPS detection rules specifically designed to identify Nmap port scans across various scan types and speeds.
Analyzes web traffic via Squid proxy to detect command and control servers and malicious sites using Spamhaus data.
A Flask-based honeypot that mimics Outlook Web Access to detect and log authentication attempts.
A simple and effective honeypot that mimics phpMyAdmin to detect and log unauthorized access attempts.
A honeynet system that deploys multiple honeypots, processes attack data with threat intelligence, and provides a web dashboard for analysis.
A security incident response card game that trains defenders through fictional scenarios and activity-based gameplay.
A Heroku-based web honeypot for creating and monitoring fake HTTP endpoints (honeytokens) to detect attackers and malicious activity.