https://github.com/daffainfo/suricata-rules

Suricata rules that can detect a wide range of threats, including malware, exploits, and other malicious activity, especially web application attacks.

# Suricata Rules

This repository contains a large collection of rules for the Suricata intrusion detection system (IDS). Suricata is an open-source network IDS that can detect a wide range of threats, including malware, exploits, and other malicious activity. Our rules are designed to be highly effective at detecting web application attacks, especially those targeting the latest CVEs.

> This repository is heavily influenced by the `nuclei-templates` repository by ProjectDiscovery.

# Usage

`main.py` merges all rules into one file:

```bash
python3 main.py --path=/path/to/rules
```

# Suricata Rules Statistics

| Rules | Count |
| ----- | ----- |
| linux-structures.rules | 16 |
| CNVD-2021.rules | 10 |
| CVE-2008.rules | 9 |
| CVE-2013.rules | 8 |
| sql-injection.rules | 6 |
| CNVD-2020.rules | 5 |
| miscellaneous.rules | 4 |
| CVE-2007.rules | 4 |
| CVE-2020.rules | 4 |
| CVE-2002.rules | 4 |

# To-Do

- [ ] Add more [cvnd](https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cvnd) rules
- [ ] Add more [cves](https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves) rules
- [ ] Add more [default-logins](https://github.com/projectdiscovery/nuclei-templates/tree/main/http/default-logins) rules
- [ ] Add more [miscellaneous](https://github.com/projectdiscovery/nuclei-templates/tree/main/http/miscellaneous) rules
- [ ] Add more [vulnerabilities](https://github.com/projectdiscovery/nuclei-templates/tree/main/http/vulnerabilities) rules
- [ ] Add more `Malware` rules
- [ ] Add `URL Reference`
- [ ] Add more web application attack rules (e.g. `SQL Injection`, `XSS`, etc)

# Contributors

You can contribute to this repository by adding new rules or updating the existing ones.