Pulled Pork – Suricata & Snort Rule Management


Pulled Pork is a PERL based tool for Suricata and Snort rule management – it can determine your version of Snort and automatically download the latest rules for you.

Pulled Pork - Suricata & Snort Rule Management

The name was chosen because simply speaking, it Pulls the rules. Using a regular crontab you can keep your Snort or Suricata rules up to date automatically.

Features and Capabilities

Pulledpork 0.7.2 has been tested and works with Snort 2.9.8.3/Suricata 3.1.3 and the Snort Registered rules/ETOpen/ETPro rulesets.

  • Automated downloading, parsing, state modification and rule modification for all of your snort rulesets.
  • Checksum verification for all major rule downloads
  • Automatic generation of updated sid-msg.map file
  • Capability to include your local.rules in sid-msg.map file
  • Capability to pull rules tarballs from custom urls
  • Complete Shared Object support
  • Complete IP Reputation List support
  • Capability to download multiple disparate rulesets at once
  • Maintains accurate changelog
  • Capability to HUP processes after rules download and process
  • Aids in tuning of rulesets
  • Verbose output so that you know EXACTLY what is happening
  • Minimal Perl Module dependencies
  • Support for Suricata, and ETOpen/ETPro rulesets

Usage

You can download Pulled Pork here:

pulledpork-v0.7.2.zip

Or read more here.

Posted in: Countermeasures, Networking Hacking, Security Software

,


Latest Posts:


Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network
OWASP Amass - DNS Enumeration, Attack Surface Mapping & External Asset Discovery OWASP Amass – DNS Enumeration, Attack Surface Mapping & External Asset Discovery
The OWASP Amass Project is a DNS Enumeration, Attack Surface Mapping & External Asset Discovery tool to help information security professionals perform network mapping of attack surfaces.


Comments are closed.