secsystem/suricata.rules.test

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 39 Commits
AWVS扫描		AWVS扫描
MS17-010		MS17-010
PowerShell Empire		PowerShell Empire
S2-016		S2-016
TelsaCrypt敲诈者病毒		TelsaCrypt敲诈者病毒
webshell上传		webshell上传
xss		xss
应用层攻击-sqlmap		应用层攻击-sqlmap
心脏滴血		心脏滴血
拒绝服务-ms12_020		拒绝服务-ms12_020
挖矿行为-门罗币		挖矿行为-门罗币
暴力破解-ftp		暴力破解-ftp
暴力破解-ssh		暴力破解-ssh
木马活动		木马活动
本地文件包含		本地文件包含
洪水攻击		洪水攻击
浏览器脆弱性-ms10_002_aurora		浏览器脆弱性-ms10_002_aurora
端口扫描		端口扫描
蠕虫-mssql		蠕虫-mssql
远程执行-ms08_067		远程执行-ms08_067
CHANGELOG.md		CHANGELOG.md
README.md		README.md

Repository files navigation

suricata规则测试

1. 测试环境

ubuntu16.04+suricata+rules

suricata安装教程 ➡️ - https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ubuntu_Installation

2. 测试步骤

2.1 测试指定流量+规则

[root@localhost ~]# suricata -s wannamine.rules -r wannamine.pcap

2.2 查看fast.log日志

[root@localhost ~]# tail -f fast.log

TODO

整理场景(classtype,tag)
环境准备pcap包对应msg

About

suricata.rules.test

Releases

No releases published

Packages

No packages published

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

secsystem/suricata.rules.test

Folders and files

Latest commit

History

Repository files navigation

suricata规则测试

1. 测试环境

2. 测试步骤

2.1 测试指定流量+规则

2.2 查看fast.log日志

TODO

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages

secsystem/suricata.rules.test

Folders and files

Latest commit

History

Repository files navigation

suricata规则测试

1. 测试环境

2. 测试步骤

2.1 测试指定流量+规则

2.2 查看fast.log日志

TODO

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Packages