BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
-
Updated
Apr 12, 2020
#
security-onion
Here are 22 public repositories matching this topic...
This project aims to enhance intrusion detection using Security Onion by integrating machine learning models for improved alert prioritization.
python security data-science machine-learning jupyter-notebook cybersecurity network-security intrusion-detection-system security-onion
-
Updated
Sep 25, 2024 - Jupyter Notebook
Collection of PatternDB files to parse Ubiquiti Unifi events into Security Onion's Syslog-NG and ELSA
-
Updated
Apr 24, 2017
Standalone Security Onion Setup + Network Simulation using Two Devices
-
Updated
Jul 6, 2024
Presenting a guide and systematic methodology for implementing securityonion / ELK elastic search stack. Checklists, Samples, Tips, and Tricks
-
Updated
Dec 29, 2020
Test your IDS with a simple python2.7 SCAPY tool.
-
Updated
Apr 20, 2018 - Python
YARA signature | YARA rule for Detecting Voldemort Malware
splunk malware threat-hunting cuckoo yara security-onion soar edr voldemort yara-rule voldemort-malware
-
Updated
Sep 9, 2024 - YARA
Security Onion Packet Capture Download scripts
-
Updated
Nov 10, 2019 - Python
Security Operations Center: pfSense firewall, Security Onion IDS/IPS, Splunk SIEM, Wazuh EDR and Microsoft Defender for Endpoint — multi-layered threat monitoring, detection and incident response
splunk incident-response cybersecurity siem pfsense soc network-security security-onion wazuh security-lab security-operations-center
-
Updated
Jan 12, 2026
A Security Onion deployment project for intrusion detection and log analysis. Includes standalone, pfSense, internal, and cloud scenarios with Suricata, Zeek, Wazuh, and ELK stack integration.
-
Updated
Aug 12, 2025
Security Onion
-
Updated
Apr 10, 2026 - Shell
Full penetration test & SOC monitoring lab — Kali Linux, Metasploit, Security Onion 3.0
vagrant kibana cybersecurity penetration-testing suricata siem kali-linux ethical-hacking red-team metasploit security-onion blue-team
-
Updated
Apr 24, 2026
Full-stack enterprise security lab - firewall segmentation, SIEM/EDR, AD, and attack simulation on a single host.
portfolio virtualbox firewall incident-response active-directory cybersecurity xdr siem homelab ipfire security-onion blue-team edr threat-detection home-lab detection-engineering atomic-red-team soc-analyst soc-lab soc-engineering
-
Updated
Apr 10, 2026 - Shell
Full-spectrum cyber operation lab demonstrating red team exploitation and blue team detection using Security Onion SIEM, Metasploit, and MITRE ATT&CK.
incident-response cybersecurity nmap siem soc red-team network-security metasploit security-onion blue-team mitre-attack
-
Updated
May 6, 2026
Python-based port scan detection pipeline using Zeek logs
-
Updated
Mar 19, 2026 - Python
SOC Analyst Home Lab — Investigations, Detection Rules, Python Scripts
python splunk incident-response cybersecurity wireshark siem soc threat-intelligence security-onion wazuh
-
Updated
Apr 19, 2026
Security Onion SOC Lab - Incident Response & Threat Hunting.
-
Updated
Apr 26, 2026 - Shell
Self-hosted NetBird VPN with Security Onion SIEM integration. Zero-trust mesh networking for secure cloud-local connectivity. 14.7M+ events monitored.
-
Updated
May 1, 2026 - HTML
Documentation of my home lab which includes 5 virtual machines: pfSense, a Windows jump box, Ubuntu osTicket, Active Directory, and Security Onion.
network-topology active-directory osticket overview security-onion side-projects pfsense-firewall jump-box
-
Updated
Jan 30, 2026
Improve this page
Add a description, image, and links to the security-onion topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the security-onion topic, visit your repo's landing page and select "manage topics."