|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Sigma||7,065||3||2||8 hours ago||35||January 13, 2019||16||other||Python|
|Main Sigma Rule Repository|
|Arkime is an open source, large scale, full packet capturing, indexing, and database system.|
|Redelk||2,177||11 days ago||30||bsd-3-clause||Python|
|Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.|
|Mozdef||2,172||2||2 years ago||22||August 03, 2020||mpl-2.0||Python|
|DEPRECATED - MozDef: Mozilla Enterprise Defense Platform|
|Spring Boot Leaning||2,068||a year ago||1||Java|
|Spring Boot 2.X 最全课程代码|
|Dork Admin||1,395||2 years ago||mit|
|Elasticsearch Readonlyrest Plugin||951||9 days ago||47||October 10, 2023||7||gpl-3.0||Scala|
|Free Elasticsearch security plugin and Kibana security plugin: super-easy Kibana multi-tenancy, Encryption, Authentication, Authorization, Auditing|
|Natlas||565||a year ago||120||apache-2.0||Python|
|Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.|
|Awesome Cloud Security||527||a month ago|
|A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.|
|Lme||522||8 hours ago||27||other||Shell|
|Logging Made Easy (LME) is a free and open logging and protective monitoring solution serving all organizations.|
Mozilla is no longer maintaining the Mozilla Enterprise Defense Platform (MozDef) project.
Please fork it to continue development.
The following button will launch the Mozilla Enterprise Defense Platform in your AWS account.
Warning: Pressing the "Launch Stack" button and following through with the deployment will incur charges to your AWS account.
The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders are usually limited to wikis, ticketing systems and manual tracking databases attached to the end of a Security Information Event Management (SIEM) system.
The Mozilla Enterprise Defense Platform (MozDef) seeks to automate the security incident handling process and facilitate the real-time activities of incident handlers.
MozDef is in production at Mozilla where we are using it to process over 300 million events per day.