https://github.com/t145/black-truffles
Snort rules organized by their applicable interfaces (i.e. WAN & LAN).
Last synced: about 1 year ago
- Host: GitHub
- URL: https://github.com/t145/black-truffles
- Owner: T145
- License: agpl-3.0
- Created: 2023-08-06T01:34:15.000Z (almost 3 years ago)
- Default Branch: master
- Last Pushed: 2024-04-13T00:16:43.000Z (about 2 years ago)
- Last Synced: 2024-04-13T23:04:45.203Z (about 2 years ago)
- Language: Shell
- Size: 158 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
README
# [Black Truffles](https://truffleaddict.com/black-truffle/)
Created to source various rulesets and organize them by a proper interface.
The primary issue with other major lists is that many interface relationships and
their inverse relationships are included and activated in the same lists.
This leads to active but unused rules on the same interface, which is just unnecessary overhead.
This project groups rules with similar relationships, aims to be a better EmergingThreats, and can gain the same success
with contributors who value keeping information freely available to the public.
Security through obscurity is mostly obsolete, and security cultivated to only help industry leaders invalidates other economy participants.
## Emerging Threats
- https://rules.emergingthreats.net/OPEN_download_instructions.html
## Snort 2 References
- https://github.com/maj0rmil4d/snort-ddos-mitigation
- https://github.com/digitalbond/Quickdraw-Snort
- https://github.com/Hestat/minerchk/blob/master/monero-snort.rules
- https://github.com/OpenIxia/sample-cloud-ids/blob/master/sensor/snort/local.rules
- https://github.com/ITI/ICS-Security-Tools/tree/master/configurations/rules
- https://github.com/MrAnde7son/Snort
- https://github.com/mandiant/sunburst_countermeasures/blob/main/all-snort.rules
- https://github.com/mandiant/red_team_tool_countermeasures/blob/master/all-snort.rules
- https://github.com/mandiant/pulsesecure_exploitation_countermeasures/tree/main/snort
- https://github.com/eset/malware-ioc
## Suricata References
- https://malsilo.gitlab.io/feeds/dumps/malsilo.rules.tar.gz
- https://github.com/OISF/suricata-trafficid
- https://github.com/ptresearch/AttackDetection
- https://github.com/travisbgreen/hunting-rules