The tool for updating your Suricata rules.

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

Updates the Emerging Threats open ruleset for Suricata

Mass deploy and update Suricata IDPS using Ansible IT automation platform

This is a simple script for updating Emerging Threats rules files and restarting suricata on dd-wrt

Suricata Docker container with rules updater for Kubernetes deployments

Rules updating script for Suricata IDS engine

A tool for updating Suricata rules and other inputs to the Suricata engine.

Simple offline rule updater Server for Suricata's Pfsense

No description available

Naive docker image to filter the suricata rules

No description available

Suricata update files focused on preventing FPs and other Noise

An implementation of suricat-update implemented in Rust.

No description available

Suricata Rule Update Tool

For automation rules uptades

No description available

A suricata-update Windows Port written using Rust

A way to automatically tune rules based on your network without needing a netwokr connection

Rules updating script for Suricata IDS engine

This project extends the Splunk and Log Source Lab by deploying Suricata as a network-based Intrusion Detection System (IDS). It documents the installation, configuration, and validation of Suricata, including rule updates and attack simulation.

Suricata detects a threat → Wazuh collects and forwards the alert → TheHive receives and creates a case → Cortex analyzes and enriches the case → TheHive updates and automates the response.

Simulated a Kaseya VSA–style supply-chain attack by emulating a compromised software update workflow. Built a controlled Flask-based update server and monitored malicious activity using Security Onion and Suricata, focusing on detection, alerting, and defensive analysis of endpoint threats.

Hands-on security lab demonstrating how to mitigate malware threats using AWS Network Firewall. Includes creation of a stateful rule group with Suricata-based intrusion prevention rules, updating a firewall policy, and testing from an isolated EC2 test instance to confirm malicious sites are blocked.

Using Suricata with bash scripting to detect malicious IPs. The script update-mdl.sh downloads a list of IP addresses and a list of Malicious IPs. These lists are compared to one another and a rating is applied based on the number of occurances.