This repository is designed to provide a way to create and distribute detection signatures easily.
Get creative with your own detection solutions, completely unencumbered by license limitations.
To help combat evil, we firmly commit our work to the public domain for the greater good of the world. :tada:
sudo apt update
sudo apt install make parallel docker.io jq
sudo usermod -a -G docker $USER
sudo systemctl enable docker
sudo reboot
build/
make suricata-docker version=suricata-6.0.5
make suricata-docker-build version=suricata-6.0.5
make yara-docker version=yara-4.2.0
make yara-docker-build version=yara-4.2.0
make sigma-docker version=sigma-0.20
make sigma-docker-build version=sigma-0.20 threads=4
To package signatures, use the following:
make package-targets
make package
If you wish to submit your signatures to the repository, please have a look at CONTRIBUTING.md for our style and contribution guidelines.