https://twitter.com/Suricata_IDS -------------------------------- Suricata official Twitter
https://forum.suricata.io/c/rules/9 ----------------------------- Suricata official forum
https://bricata.com/blog/what-is-suricata-ids/ ------------------ Introduction to Suricata (English-language blog)
https://www.secpulse.com/archives/71603.html --------------------- Suricata IDS getting started: rules explained in detail
https://alparslanakyildiz.medium.com/creating-custom-suricata-signitures-260fc049b56a ----------- Writing Suricata rules (English-language site)
https://support.cloudshark.io/linux/threat-assessment-rules/ ------------ Threat Assessment Rules
https://forum.opnsense.org/index.php?board=27.0 -------------- OPNsense firewall forum, Suricata section
https://www.jianshu.com/p/d81db4c352af -------------------------- Purpose and use of Suricata's default rule sets
https://zhuanlan.zhihu.com/p/36340468 ---------------------------- Introduction to Suricata rules and rule management with suricata-update
http://rules.emergingthreats.net/open/suricata/rules/ ------------ Rule source fetched by the suricata-update command (free, updated daily)
https://github.com/fireeye/sunburst_countermeasures -------------- FireEye threat information for detecting the SolarWinds supply-chain attack (free, fairly recent)
https://github.com/ptresearch/AttackDetection ------------------- Rules for attacks on various CVEs (a subset of CVEs from 2016-2020) (Twitter: https://twitter.com/AttackDetection); some entries ship pcaps alongside the rules, so the traffic can be replayed for testing (free, not continuously updated)
https://github.com/sudohyak/suricata-rules ----------------------- Rules for 2020 CVE attacks (free, fairly recent)
https://github.com/michalpurzynski/suricata-rules --------------- (free, not continuously updated)
https://github.com/jvdroit/Suricata-rules ----------------------- (free, fairly old, last updated five years ago)
https://github.com/Truvis/Suricata_Threat-Hunting-Rules/blob/master/threat-hunting.rules (free, fairly old, last updated two years ago)
https://github.com/opnsense/rules ------------------------------- OPNsense IDS / IPS rules (free, fairly old, last updated three years ago)
https://www.proofpoint.com/us/threat-insight/et-pro-ruleset ----- Proofpoint ET Pro ruleset (paid, official site)
https://github.com/suricata-rules/suricata-rule ----------------- Suricata IDS rules for detecting red-team intrusions and other malicious behaviour; covers CobaltStrike/MSF/Empire/DNS tunnels/Weevely/China Chopper (菜刀)/Behinder (冰蝎)/cryptomining/reverse shells/ICMP tunnels, etc. (free, not continuously updated)
https://github.com/xNymia/Suricata-Signatures ------------------- Equation Group's EternalBlue and ransomware (2 rules) (free, fairly old, last updated four years ago)
https://github.com/jasonish/suricata-trafficid ------------------- Script and Suricata rules for identifying and classifying traffic (free, fairly old, last updated four years ago)
https://alparslanakyildiz.medium.com/creating-custom-suricata-signitures-260fc049b56a ----------- Writing Suricata rules
https://www.pcapanalysis.com ------------------------------------ Malicious pcap captures for writing and testing rules (free)
https://resources.infosecinstitute.com/topic/open-source-ids-snort-suricata/ --------- Open-source IDS: Snort or Suricata?
https://bricata.com/blog/what-is-suricata-ids/ --------------------------------------- 10 open-source security vulnerability prevention and detection tools
https://blog.securityonion.net/2020/12/solarwinds-supply-chain-attack.html -------- Security Onion security community
Original source: https://www.cnblogs.com/weifengsa/p/14174578.html